nj1015.com Open in urlscan Pro
192.229.233.217 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nj1015.com/
Effective URL:
https://nj1015.com/
Submission: On October 20 via manual (October 20th 2021, 5:14:40 am UTC) from US — Scanned from DE

Summary HTTP 334 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 102 IPs in 10 countries across 96 domains to perform 334 HTTP transactions. The main IP is 192.229.233.217, located in Los Angeles, United States and belongs to EDGECAST, US. The main domain is nj1015.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 23rd 2021. Valid for: a year.

This is the only time nj1015.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	192.229.233.217 192.229.233.217	15133 (EDGECAST) (EDGECAST)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
12	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
56	192.229.233.181 192.229.233.181	15133 (EDGECAST) (EDGECAST)
1	52.222.250.140 52.222.250.140	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.229.233.218 192.229.233.218	15133 (EDGECAST) (EDGECAST)
15	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
1 1	157.240.20.63 157.240.20.63	32934 (FACEBOOK) (FACEBOOK)
1 2	157.240.20.174 157.240.20.174	32934 (FACEBOOK) (FACEBOOK)
2	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.222.210.175 52.222.210.175	16509 (AMAZON-02) (AMAZON-02)
4	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
5	157.240.20.19 157.240.20.19	32934 (FACEBOOK) (FACEBOOK)
6	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
5	74.125.140.154 74.125.140.154	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
8 13	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
2	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 17	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	18.66.97.124 18.66.97.124	16509 (AMAZON-02) (AMAZON-02)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
8	52.48.175.241 52.48.175.241	16509 (AMAZON-02) (AMAZON-02)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	3.125.147.153 3.125.147.153	16509 (AMAZON-02) (AMAZON-02)
6	167.172.1.14 167.172.1.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.121.182.182 3.121.182.182	16509 (AMAZON-02) (AMAZON-02)
6	213.19.162.61 213.19.162.61	3356 (LEVEL3) (LEVEL3)
1	64.158.223.146 64.158.223.146	41041 (VCLK-EU-SE) (VCLK-EU-SE)
7	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
4	104.111.247.126 104.111.247.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.181.237 142.250.181.237	15169 (GOOGLE) (GOOGLE)
4	64.158.223.137 64.158.223.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	18.66.122.105 18.66.122.105	16509 (AMAZON-02) (AMAZON-02)
2	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.66.112.92 18.66.112.92	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.28 18.66.139.28	16509 (AMAZON-02) (AMAZON-02)
1	52.16.211.92 52.16.211.92	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
1	104.26.7.139 104.26.7.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	104.18.11.79 104.18.11.79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	172.67.69.19 172.67.69.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	13.32.99.16 13.32.99.16	16509 (AMAZON-02) (AMAZON-02)
1	35.190.38.143 35.190.38.143	15169 (GOOGLE) (GOOGLE)
2 7	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
6 6	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.97.128 18.66.97.128	16509 (AMAZON-02) (AMAZON-02)
1 1	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
8	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	52.57.38.160 52.57.38.160	16509 (AMAZON-02) (AMAZON-02)
2 2	18.197.87.177 18.197.87.177	16509 (AMAZON-02) (AMAZON-02)
7 8	18.185.142.87 18.185.142.87	16509 (AMAZON-02) (AMAZON-02)
1 1	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
6 7	52.16.151.94 52.16.151.94	16509 (AMAZON-02) (AMAZON-02)
12 16	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
6 6	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	199.187.193.166 199.187.193.166	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
2 2	91.228.74.198 91.228.74.198	16509 (AMAZON-02) (AMAZON-02)
3 4	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	108.174.11.69 108.174.11.69	14413 (LINKEDIN) (LINKEDIN)
2 4	52.30.199.223 52.30.199.223	16509 (AMAZON-02) (AMAZON-02)
1	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	209.54.178.82 209.54.178.82	16509 (AMAZON-02) (AMAZON-02)
1 1	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
3 3	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
7	107.23.118.141 107.23.118.141	14618 (AMAZON-AES) (AMAZON-AES)
3 3	18.184.201.8 18.184.201.8	16509 (AMAZON-02) (AMAZON-02)
6 6	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	88.214.206.247 88.214.206.247	46636 (NATCOWEB) (NATCOWEB)
11 11	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.68.39.188 51.68.39.188	16276 (OVH) (OVH)
4 5	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
12 19	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 6	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
3 3	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
6 7	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1 3	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1	178.162.133.148 178.162.133.148	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
11	193.122.130.38 193.122.130.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2 2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
1	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	208.100.17.174 208.100.17.174	32748 (STEADFAST) (STEADFAST)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
3 4	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1 1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	54.208.200.8 54.208.200.8	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1 1	38.27.122.158 38.27.122.158	174 (COGENT-174) (COGENT-174)
1 2	3.121.240.184 3.121.240.184	16509 (AMAZON-02) (AMAZON-02)
1	35.157.241.112 35.157.241.112	16509 (AMAZON-02) (AMAZON-02)
2 2	188.165.4.142 188.165.4.142	16276 (OVH) (OVH)
1 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	87.248.118.23 87.248.118.23	203220 (YAHOO-DEB) (YAHOO-DEB)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1	198.47.127.20 198.47.127.20	() ()
334	102

21 192.229.233.217 (Los Angeles, United States) 1 redirects

ASN15133 (EDGECAST, US)

nj1015.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 192.229.233.181 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

townsquare.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.250.140 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-140.fra60.r.cloudfront.net

d1180od816jent.cloudfront.net.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.21 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Ascension Island) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.218 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

cdn.production.townsquareblogs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.20.63 (United States) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: instagram-p3-shv-02-frt3.fbcdn.net

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.174 (United States) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: instagram-p42-shv-02-frt3.fbcdn.net

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.219.144 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.210.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.140.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 76.223.111.131 (Seattle, United States) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.53 (Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

townsquaremedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.124 (United States)

ASN16509 (AMAZON-02, US)

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.48.175.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.147.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-147-153.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 167.172.1.14 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.182.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-182-182.eu-central-1.compute.amazonaws.com

krk.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.158.223.146 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: 146.vip.crm-node2.ams5.cnvr.net

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.247.126 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-126.deploy.static.akamaitechnologies.com

cdn.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.237 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.158.223.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-usadmm.dotomi.com

api.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
openx2-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.105 (United States)

ASN16509 (AMAZON-02, US)

tags.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.40 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

cdn.mmctsvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.92 (United States)

ASN16509 (AMAZON-02, US)

static.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.28 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.211.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-211-92.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.7.139 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.11.79 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.16 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-16.fra60.r.cloudfront.net

promotions.minutemediaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.38.143 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com

pubcast-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.248.245.213 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.132.245 (United Kingdom) 6 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.128 (United States)

ASN16509 (AMAZON-02, US)

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.131.220 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.109.78.125 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.244 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.38.160 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-38-160.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.87.177 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-87-177.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.185.142.87 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-142-87.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Germany) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.16.151.94 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-151-94.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 216.58.212.130 (Mountain View, United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.166 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.198 (United Kingdom) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.238 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.11.69 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-69.fwd.linkedin.com

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.30.199.223 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-199-223.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.178.82 (Osaka, Japan) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.35.65 (Ascension Island) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 107.23.118.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-118-141.compute-1.amazonaws.com

usr.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.184.201.8 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-201-8.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.156.0.31 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.247 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.64.190.79 (United Kingdom) 11 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.39.188 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.110 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.114 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.149 (Southampton, United Kingdom) 3 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Ascension Island) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.194.49 (United States) 12 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.210.112.63 (France) 6 redirects

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.14.23 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.122.214.165 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.50.137.190 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.148 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1.go.sonobi.com

go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 193.122.130.38 (Seattle, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uat-net.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.186.57 (Dallas, United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.174 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip174.208-100-17.static.steadfastdns.net

pixel.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (Germany)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.44 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.208.200.8 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-200-8.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.158 (Chestertown, United States) 1 redirects

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.240.184 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-240-184.eu-central-1.compute.amazonaws.com

j.mrpdata.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.241.112 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-241-112.eu-central-1.compute.amazonaws.com

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.165.4.142 (Ireland) 2 redirects

ASN16276 (OVH, FR)
PTR: ip142.ip-188-165-4.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.118.23 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e2.ycpi.vip.deb.yahoo.com

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	townsquare.media townsquare.media	2 MB
32	pubmatic.com 22 redirects hbopenbid.pubmatic.com ads.pubmatic.com image2.pubmatic.com image6.pubmatic.com image8.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	51 KB
28	rubiconproject.com 7 redirects fastlane.rubiconproject.com eus.rubiconproject.com secure-assets.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com pixel-us-east.rubiconproject.com	51 KB
24	doubleclick.net 12 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	127 KB
21	nj1015.com 1 redirects nj1015.com	245 KB
19	everesttech.net 12 redirects sync-tm.everesttech.net	5 KB
19	openx.net 2 redirects townsquaremedia-d.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net	4 KB
13	adsrvr.org 8 redirects match.adsrvr.org	5 KB
12	technoratimedia.com ad-cdn.technoratimedia.com sync.technoratimedia.com uat-net.technoratimedia.com	9 KB
12	gstatic.com fonts.gstatic.com ssl.gstatic.com	100 KB
12	google-analytics.com www.google-analytics.com	21 KB
11	yahoo.com 8 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads.yahoo.com	10 KB
11	google.com apis.google.com www.google.com accounts.google.com	218 KB
9	undertone.com hb.undertone.com cdn.undertone.com usr.undertone.com	5 KB
8	bidswitch.net 7 redirects x.bidswitch.net	4 KB
8	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	3 KB
8	gumgum.com g2.gumgum.com rtb.gumgum.com	8 KB
7	eyeota.net 6 redirects ps.eyeota.net	4 KB
7	bidr.io 6 redirects match.prod.bidr.io	3 KB
7	consensu.org cdn.conversant.mgr.consensu.org api.conversant.mgr.consensu.org	188 KB
7	facebook.com www.facebook.com	2 KB
7	youtube.com www.youtube.com	127 KB
7	serverbid.com 1 redirects e.serverbid.com sync.serverbid.com	2 KB
7	adnxs.com 6 redirects ib.adnxs.com secure.adnxs.com	7 KB
6	onaudience.com 6 redirects pixel.onaudience.com	3 KB
6	mathtag.com 6 redirects sync.mathtag.com	3 KB
6	casalemedia.com 3 redirects as-sec.casalemedia.com htlb.casalemedia.com ssum-sec.casalemedia.com	4 KB
6	twitter.com platform.twitter.com syndication.twitter.com	150 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	40 KB
5	facebook.net connect.facebook.net	391 KB
4	bfmio.com 2 redirects sync.bfmio.com	1 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	63 KB
3	1rx.io 2 redirects sync.1rx.io	1 KB
3	simpli.fi 1 redirects um.simpli.fi	1 KB
3	crwdcntrl.net 3 redirects sync.crwdcntrl.net	1 KB
3	sitescout.com 3 redirects pixel-sync.sitescout.com	2 KB
3	advertising.com 3 redirects pixel.advertising.com	997 B
3	turn.com 3 redirects ad.turn.com d.turn.com	1 KB
3	360yield.com 3 redirects ad.360yield.com	831 B
3	sonobi.com apex.go.sonobi.com go.sonobi.com sync.go.sonobi.com	2 KB
3	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
2	erne.co 2 redirects green.erne.co	570 B
2	mrpdata.net 1 redirects j.mrpdata.net	547 B
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	393 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	criteo.com 1 redirects dis.criteo.com gum.criteo.com	589 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	tapad.com 2 redirects pixel.tapad.com	967 B
2	exelator.com 2 redirects loadm.exelator.com	2 KB
2	quantserve.com 2 redirects pixel.quantserve.com	941 B
2	contextweb.com 2 redirects bh.contextweb.com	906 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	media6degrees.com action.media6degrees.com	841 B
2	dstillery.com 2 redirects action.dstillery.com	354 B
2	btloader.com btloader.com api.btloader.com	11 KB
2	googletagmanager.com www.googletagmanager.com	94 KB
2	solutionshindsight.net static.solutionshindsight.net	25 KB
2	mmctsvc.com cdn.mmctsvc.com	123 KB
2	remixd.com tags.remixd.com pubcast-files.remixd.com	10 KB
2	dotomi.com proc.ad.cpe.dotomi.com openx2-match.dotomi.com	722 B
2	media.net prebid.media.net contextual.media.net	8 KB
2	google.de www.google.de	585 B
2	clean.gg i.clean.gg	104 B
2	rlcdn.com api.rlcdn.com id.rlcdn.com	324 B
2	fastclick.net secure.cdn.fastclick.net	19 KB
2	indexww.com js-sec.indexww.com	14 KB
1	justpremium.com match.justpremium.com	323 B
1	bnmla.com 1 redirects match.bnmla.com	883 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	489 B
1	onetag-sys.com onetag-sys.com	823 B
1	33across.com pixel.33across.com
1	districtm.io cdn.districtm.io
1	emxdgt.com cs.emxdgt.com
1	nrich.ai 1 redirects dsp.nrich.ai	489 B
1	admanmedia.com 1 redirects cs.admanmedia.com	509 B
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	bing.com c.bing.com	478 B
1	linkedin.com px.ads.linkedin.com	462 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	762 B
1	admixer.net 1 redirects inv-nets.admixer.net	565 B
1	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com	5 KB
1	minutemediaservices.com promotions.minutemediaservices.com
1	ad-delivery.net ad-delivery.net	923 B
1	scorecardresearch.com sb.scorecardresearch.com	1 KB
1	kargo.com krk.kargo.com	673 B
1	teads.tv a.teads.tv	244 B
1	googlesyndication.com pagead2.googlesyndication.com	50 KB
1	townsquareblogs.com cdn.production.townsquareblogs.com	94 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	sharethrough.com native.sharethrough.com	73 KB
1	net. d1180od816jent.cloudfront.net.	39 KB
1	googleapis.com fonts.googleapis.com	2 KB
0	id5-sync.com Failed id5-sync.com Failed
334	96

	Domain	Requested by
56	townsquare.media	nj1015.com d1180od816jent.cloudfront.net. townsquare.media
21	nj1015.com	1 redirects nj1015.com d1180od816jent.cloudfront.net.
19	sync-tm.everesttech.net	12 redirects ads.pubmatic.com
16	cm.g.doubleclick.net	12 redirects eu-u.openx.net eb2.3lift.com
13	match.adsrvr.org	8 redirects js-sec.indexww.com d1180od816jent.cloudfront.net. eu-u.openx.net eb2.3lift.com
12	www.google-analytics.com	nj1015.com www.google-analytics.com
11	image8.pubmatic.com	11 redirects
11	us-u.openx.net	1 redirects eu-u.openx.net ad-cdn.technoratimedia.com us-u.openx.net
8	x.bidswitch.net	7 redirects eb2.3lift.com
8	eus.rubiconproject.com	d1180od816jent.cloudfront.net. eus.rubiconproject.com cdn.undertone.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com ad-cdn.technoratimedia.com
8	apis.google.com	nj1015.com d1180od816jent.cloudfront.net. www.youtube.com accounts.google.com apis.google.com
7	ps.eyeota.net	6 redirects ads.pubmatic.com
7	usr.undertone.com	cdn.undertone.com
7	match.prod.bidr.io	6 redirects ad-cdn.technoratimedia.com
7	eb2.3lift.com	2 redirects d1180od816jent.cloudfront.net. eb2.3lift.com
7	www.facebook.com	d1180od816jent.cloudfront.net. nj1015.com
7	www.youtube.com	d1180od816jent.cloudfront.net. www.youtube.com
6	uat-net.technoratimedia.com	ad-cdn.technoratimedia.com
6	pixel.onaudience.com	6 redirects
6	ups.analytics.yahoo.com	6 redirects
6	image2.pubmatic.com	6 redirects
6	sync.mathtag.com	6 redirects
6	ssl.gstatic.com	accounts.google.com nj1015.com
6	fastlane.rubiconproject.com	cdn.production.townsquareblogs.com
6	e.serverbid.com	cdn.production.townsquareblogs.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6	fonts.gstatic.com	fonts.googleapis.com
5	sync.technoratimedia.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com ad-cdn.technoratimedia.com us-u.openx.net
5	simage2.pubmatic.com	4 redirects ads.pubmatic.com
5	pixel.rubiconproject.com	cdn.undertone.com
5	eu-u.openx.net	d1180od816jent.cloudfront.net. eu-u.openx.net
5	g2.gumgum.com	cdn.production.townsquareblogs.com
5	ib.adnxs.com	4 redirects cdn.production.townsquareblogs.com
5	stats.g.doubleclick.net	www.google-analytics.com
5	connect.facebook.net	nj1015.com d1180od816jent.cloudfront.net.
4	token.rubiconproject.com	4 redirects
4	sync.bfmio.com	2 redirects ad-cdn.technoratimedia.com
4	pr-bh.ybp.yahoo.com	2 redirects ads.pubmatic.com us-u.openx.net
4	c1.adform.net	3 redirects ads.pubmatic.com
4	ssum-sec.casalemedia.com	3 redirects js-sec.indexww.com
4	ads.pubmatic.com	d1180od816jent.cloudfront.net. ads.pubmatic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com ad-cdn.technoratimedia.com
4	cdn.conversant.mgr.consensu.org	d1180od816jent.cloudfront.net. cdn.conversant.mgr.consensu.org
4	platform.twitter.com	nj1015.com d1180od816jent.cloudfront.net.
4	c.amazon-adsystem.com	nj1015.com c.amazon-adsystem.com
3	sync.1rx.io	2 redirects ad-cdn.technoratimedia.com
3	um.simpli.fi	1 redirects ads.pubmatic.com ad-cdn.technoratimedia.com
3	sync.crwdcntrl.net	3 redirects
3	pixel-sync.sitescout.com	3 redirects
3	image4.pubmatic.com	1 redirects ads.pubmatic.com
3	pixel.advertising.com	3 redirects
3	secure-assets.rubiconproject.com	3 redirects
3	ad.360yield.com	3 redirects
3	rtb.gumgum.com	d1180od816jent.cloudfront.net.
3	api.conversant.mgr.consensu.org	cdn.conversant.mgr.consensu.org
2	pixel-us-east.rubiconproject.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2	rtb.openx.net	1 redirects us-u.openx.net
2	green.erne.co	2 redirects
2	j.mrpdata.net	1 redirects us-u.openx.net
2	sync.search.spotxchange.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	ap.lijit.com	2 redirects
2	d5p.de17a.com	2 redirects
2	pixel.tapad.com	2 redirects
2	loadm.exelator.com	2 redirects
2	ad.turn.com	2 redirects
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	pixel.quantserve.com	2 redirects
2	bh.contextweb.com	2 redirects
2	pm.w55c.net	2 redirects
2	secure.adnxs.com	2 redirects
2	action.media6degrees.com	nj1015.com
2	action.dstillery.com	2 redirects
2	www.googletagmanager.com	d1180od816jent.cloudfront.net.
2	static.solutionshindsight.net	d1180od816jent.cloudfront.net.
2	cdn.mmctsvc.com	d1180od816jent.cloudfront.net.
2	syndication.twitter.com	platform.twitter.com nj1015.com
2	www.google.de	nj1015.com
2	www.google.com	nj1015.com
2	i.clean.gg	d1180od816jent.cloudfront.net.
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	secure.cdn.fastclick.net	nj1015.com d1180od816jent.cloudfront.net.
2	www.instagram.com	1 redirects nj1015.com
2	js-sec.indexww.com	nj1015.com d1180od816jent.cloudfront.net.
1	simage4.pubmatic.com	ads.pubmatic.com
1	id.rlcdn.com
1	ads.yahoo.com
1	match.justpremium.com	us-u.openx.net
1	openx2-match.dotomi.com	us-u.openx.net
1	match.bnmla.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	match.taboola.com	ad-cdn.technoratimedia.com
1	trc.taboola.com	1 redirects
1	gum.criteo.com	1 redirects
1	onetag-sys.com	ad-cdn.technoratimedia.com
1	pixel.33across.com	ad-cdn.technoratimedia.com
1	cdn.districtm.io	ad-cdn.technoratimedia.com
1	sync.go.sonobi.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	ad-cdn.technoratimedia.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	go.sonobi.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	cs.emxdgt.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	d.turn.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	dsp.nrich.ai	1 redirects
1	cs.admanmedia.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	image6.pubmatic.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	1 redirects
1	inv-nets.admixer.net	1 redirects
1	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	d1180od816jent.cloudfront.net.
1	sync.serverbid.com	1 redirects
1	cdn.undertone.com	d1180od816jent.cloudfront.net.
1	contextual.media.net	d1180od816jent.cloudfront.net.
1	pubcast-files.remixd.com	d1180od816jent.cloudfront.net.
1	promotions.minutemediaservices.com	cdn.mmctsvc.com
1	api.btloader.com	btloader.com
1	ad-delivery.net	nj1015.com
1	ad.doubleclick.net	nj1015.com
1	sb.scorecardresearch.com	d1180od816jent.cloudfront.net.
1	btloader.com	d1180od816jent.cloudfront.net.
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	d1180od816jent.cloudfront.net.
1	script.hotjar.com	d1180od816jent.cloudfront.net.
1	static.hotjar.com	d1180od816jent.cloudfront.net.
1	tags.remixd.com	d1180od816jent.cloudfront.net.
1	accounts.google.com	d1180od816jent.cloudfront.net.
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	krk.kargo.com	cdn.production.townsquareblogs.com
1	hbopenbid.pubmatic.com	cdn.production.townsquareblogs.com
1	tlx.3lift.com	cdn.production.townsquareblogs.com
1	apex.go.sonobi.com	cdn.production.townsquareblogs.com
1	a.teads.tv	cdn.production.townsquareblogs.com
1	prebid.media.net	cdn.production.townsquareblogs.com
1	hb.undertone.com	cdn.production.townsquareblogs.com
1	townsquaremedia-d.openx.net	cdn.production.townsquareblogs.com
1	htlb.casalemedia.com	cdn.production.townsquareblogs.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	pagead2.googlesyndication.com	d1180od816jent.cloudfront.net.
1	api.rlcdn.com	js-sec.indexww.com
1	platform.instagram.com	1 redirects
1	cdn.production.townsquareblogs.com	nj1015.com
1	www.googletagservices.com	nj1015.com
1	native.sharethrough.com	nj1015.com
1	d1180od816jent.cloudfront.net.	nj1015.com
1	fonts.googleapis.com	nj1015.com
0	id5-sync.com Failed
334	146

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
nj1015.threadless.com
youtube.com
twitter.com
www.instagram.com
publicfiles.fcc.gov
www.youtube.com
www.townsquaremedia.com

Subject Issuer	Validity	Valid
www7.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-23` - `2022-10-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www6.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-27` - `2022-09-27`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
www8.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-28` - `2022-09-28`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-07-30` - `2021-10-28`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2021-03-11` - `2022-03-15`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-30` - `2021-10-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2021-08-25` - `2021-11-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.undertone.com Amazon	`2021-10-04` - `2022-11-01`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
e.serverbid.com R3	`2021-08-30` - `2021-11-28`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.dev.kargo.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
cdn.conversant.mgr.consensu.org R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.conversant.mgr.consensu.org GlobalSign RSA OV SSL CA 2018	`2020-03-31` - `2022-06-06`	2 years	crt.sh
*.remixd.com Amazon	`2021-04-10` - `2022-05-09`	a year	crt.sh
mmctsvc.com R3	`2021-09-16` - `2021-12-15`	3 months	crt.sh
solutionshindsight.net Amazon	`2021-02-19` - `2022-03-20`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-05` - `2022-09-04`	a year	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-09` - `2022-05-10`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
api.btloader.com GTS CA 1D4	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.minutemediaservices.com Amazon	`2021-02-23` - `2022-03-24`	a year	crt.sh
pubcast-files.remixd.com GTS CA 1D4	`2021-08-25` - `2021-11-23`	3 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io Amazon	`2021-10-20` - `2022-11-18`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.eyeota.net R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.technoratimedia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-16` - `2022-10-05`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
onetag-sys.com R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.mrpdata.net Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
tracking.justpremium.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-27` - `2021-11-17`	2 months	crt.sh

This page contains 35 frames:

Primary Page: https://nj1015.com/
Frame ID: F932F3FB0917B4B22CE9600926F3BEC5
Requests: 198 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fnj1015.com
Frame ID: BC21C06596DE87EC56266905A6818FD5
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 29EE54101F72AAE030210FF192A70CB8
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1096102534197907&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e0df920ce8cd%26domain%3Dnj1015.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnj1015.com%252Ff23c71d7b40ac18%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.facebook.com%2Fnj1015&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Frame ID: B74A8DA1E2B98CF8BB7C00E053945B8B
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fnj1015.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 5F17627D1875FE63CB5ED9ABE7936E19
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Frame ID: BAE4178836988B2DCC64ED9B26C44BA2
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: C48EA53144A632E77FC470CA9B9CCAB5
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-3333a05ac05419926bfc064e06a742b1.html
Frame ID: A859F0611B2D1C15F9BFCD69F34AB7DA
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 440C56CE1C295EC8187FFD25580291A9
Requests: 11 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=bf37616f-a5b8-4700-bd72-1287d96bfc0a&gdpr=1&gdpr_consent=
Frame ID: 501B4F6CDA4F2A33AC392A112A9E821A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6146971768CC2C9922CAA3CAF549A859
Requests: 16 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
Frame ID: 849096FD75F16438D679F60E43283E1C
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C18A11F7846BBFB5CF07A9295C987DCD
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: F8C6FC2684CB785953D4297467225FD4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 3A6C9EC103F0C65F196C415ED4C7F6BB
Requests: 9 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 907F75F2F7187768022B99E7FFC48117
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Frame ID: 3D3E12AA16CEE19D375A648E754E408E
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E7824B7F20F4FCB91A58D3A86786B8BE
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPOXHkgPOXHkgAXADAENBxCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoO9jTCEMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA&d=https://nj1015.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C0FB60810AFE3988656DDDDEBE7728BD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: D5492984DA5B26F967EE25933A560C88
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=1A7016B9-61FC-41D8-A230-160928EEB3A7
Frame ID: AD6FD49A947E75CB160E2E186D70EDFB
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAKfPionAA6
Frame ID: 56E154F4EBFAD63A186E188DE436EE7E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F34175052FE04D4505118DC34D4548D3
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: 5BC5F60531BA063CD98EA31585C409B2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 01CA98F6B4ACFFD6D2418573F29CFC34
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: 3057821B2D6BC5E35165401538683961
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html
Frame ID: 579FB94EDC28C53F9601EADE88B18D06
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 4AF594CE14E777A06AAAFEDDA3445993
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Frame ID: 3C713316623288873D6F50F22EA890F9
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Frame ID: 4CDCF046A7C6551853D897F75FC7DDAE
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Frame ID: 3E9F60AEC206B05ADF9A087B07DEA7FB
Requests: 12 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/?sellerid=101769
Frame ID: 03C9D0DB6EC0FD7CD10AC24A7C2697CA
Requests: 1 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Frame ID: 59BA485903E7C74497EE0AB3387EB3B6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=572a470226457b8
Frame ID: 2F18E295868F847896BB226D1D60FC5C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1096102534197907&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df394ed8c7439efc%26domain%3Dnj1015.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnj1015.com%252Ff23c71d7b40ac18%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fnj1015.com%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Frame ID: 838B5C9878522008CE7888C60A96D75D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Jersey 101.5 – Proud to be New Jersey – New Jersey News Radio

Page URL History Show full URLs

http://nj1015.com/ HTTP 301
https://nj1015.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

334
Requests

100 %
HTTPS

0 %
IPv6

96
Domains

146
Subdomains

102
IPs

10
Countries

4186 kB
Transfer

10861 kB
Size

163
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/nj1015/live
Title: Watch us on Facebook Live

Search URL Search Domain Scan URL

URL: https://nj1015.threadless.com/
Title: NJ 101.5 store

Search URL Search Domain Scan URL

URL: https://youtube.com/user/newjersey101point5

Search URL Search Domain Scan URL

URL: http://www.facebook.com/nj1015

Search URL Search Domain Scan URL

URL: https://twitter.com/nj1015

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nj1015

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/wkxw
Title: Public File

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/newjersey101point5

Search URL Search Domain Scan URL

URL: http://www.townsquaremedia.com/
Title: Townsquare Media

Search URL Search Domain Scan URL

URL: https://www.townsquaremedia.com/privacy-policy
Title: privacy policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nj1015.com/ HTTP 301
https://nj1015.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 186

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24

Request Chain 187

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24

Request Chain 200

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 201

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=bf37616f-a5b8-4700-bd72-1287d96bfc0a&gdpr=1&gdpr_consent=

Request Chain 208

https://sync.serverbid.com/ss/2000775.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html

Request Chain 210

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=7731849333306481492

Request Chain 211

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=16767551-4aa8-4f41-a43b-0bba3409b797

Request Chain 212

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOovDa4Q3riWBBu8EogMtZJEMuRKUGC1_2vQDVgQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/916/8/2.gif?puid=16767551-4aa8-4f41-a43b-0bba3409b797&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOovDa4Q3riWBBu8EogMtZJEMuRKUGC1_2vQDVgQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/124/7/3.gif?puid=16767551-4aa8-4f41-a43b-0bba3409b797&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/146/6/4.gif?puid=e9ca7de2-7264-4175-81aa-404572b260bd&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEDG-nJ5mMDH_pWNRXmJ1sMI&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDG-nJ5mMDH_pWNRXmJ1sMI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7731849333306481492&opid=apx&ops=&utidl=tech:goo:CAESEDG-nJ5mMDH_pWNRXmJ1sMI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A21682816348&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/19/4/6.gif?puid=ddc1bcbd0907e7f2ce8cb506de213328&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOovDa4Q3riWBBu8EogMtZJEMuRKUGC1_2vQDVgQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/160/3/7.gif?puid=41301030295077625958554878856946451938&gdpr=1&gdpr_consent=

Request Chain 214

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=kMDB6LQ41MD3VT5

Request Chain 215

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3Da763d3a6-fcf2-4e0a-b886-9de8452f8dd8%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=6324d00c9fb14d059d4b0ba5b30c81ed&ssp=openx&bsw_param=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8

Request Chain 216

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7731849333306481492

Request Chain 217

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHekRrN0MzMHNBQUJXd1JZQVo0Zw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGzDk7C30sAABWwRYAZ4g&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGzDk7C30sAABWwRYAZ4g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3655208771924687483 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGzDk7C30sAABWwRYAZ4g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3655208771924687483%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
https://match.prod.bidr.io/cookie-sync?userid=3655208771924687483&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAGzDk7C30sAABWwRYAZ4g&pid=558502&do=add HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGzDk7C30sAABWwRYAZ4g

Request Chain 218

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bf37616f-a5b8-4700-bd72-1287d96bfc0a

Request Chain 219

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3djhSYrctRbG3uJL09v6TomI50vG0e9Oid-85N89

Request Chain 220

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8509317639024795850

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDE4ZTMzYzMtYjE3Ny02ZjQyLTdmZTQtNmQ0NjE2NGIyMjNl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDE4ZTMzYzMtYjE3Ny02ZjQyLTdmZTQtNmQ0NjE2NGIyMjNl&google_tc=

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPPRqBpKraXyZhg9LfBQTAU&google_cver=1

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMivBDHVw5F4Y1lVyOdZ-OQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 227

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2MjQyNDk0NDQyNDY4NTM1NDM%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2MjQyNDk0NDQyNDY4NTM1NDM%3D&google_tc=

Request Chain 229

https://pr-bh.ybp.yahoo.com/sync/triplelift/12624249444246853543?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-X9GQ14RE2oQsb2a8RyKopJxJEEF281W3JKzY3opEvg--~A&dongle=0883

Request Chain 232

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12624249444246853543 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12624249444246853543&dcc=t

Request Chain 233

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 234

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=2528222965152317430&dongle=d407

Request Chain 236

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 237

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=7731849333306481492

Request Chain 238

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b68c872e-78af-0d85-0081-28382b05cc0c

Request Chain 239

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c99fa34-3164-11ec-8b7b-020b1bec13a0 HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c99fa34-3164-11ec-8b7b-020b1bec13a0&verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-tF2JHXZE2uFPH8N8UsVUd0dSkS4KJvLh~A~UP9c99fa34-3164-11ec-8b7b-020b1bec13a0

Request Chain 240

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9&ttl=1637298873

Request Chain 242

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=dbb1febdc9bec68bc4e83680c0ce3bb234af521f

Request Chain 243

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=721080ca-da5d-4fde-ad90-ddb6f445930d&expires=1&user_group=5&ssp=pubmatic&bsw_param=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1A7016B9-61FC-41D8-A230-160928EEB3A7 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1A7016B9-61FC-41D8-A230-160928EEB3A7

Request Chain 244

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D55%2526uid%253D%2524UID%252F2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553 HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D55%2526uid%253D%2524UID%252F2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&xl8blockcheck=1 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID%2F2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID%2F2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553

Request Chain 247

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6633041296076121006 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAKfPionAA6

Request Chain 249

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnAWuWH8QdiiMBYJKO6zpw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 250

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bf37616f-a5b8-4700-bd72-1287d96bfc0a

Request Chain 251

https://pixel.onaudience.com/?partner=214&mapped=1A7016B9-61FC-41D8-A230-160928EEB3A7 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=ddc1bcbd0907e7f2ce8cb506de213328 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=2de420a3-0165-4cb1-adbf-9ebb89bab0f9&icm HTTP 302
https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=2405d6c6533d3d38 HTTP 302
https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=2405d6c6533d3d38 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mm4zbjY4ZHlJanNKa1NieWM5WDdlM1FWQU95YWVPUG5rdmJ6TGduWGhfa2s&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEMDNE3NjeJhdESg-Av60QNQ&google_cver=1 HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2528222965152317430&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
https://ps.eyeota.net/match?bid=7vi0rg0&uid=bf37616f-a5b8-4700-bd72-1287d96bfc0a&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
https://ps.eyeota.net/match?uid=YW_luQAKfFmonQA6&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
https://ps.eyeota.net/match?uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9&bid=1e2n4ou

Request Chain 252

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE3MDE2QjktNjFGQy00MUQ4LUEyMzAtMTYwOTI4RUVCM0E3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAd5m3gAR

Request Chain 253

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDssPve_9345jBzTV4-gG98&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAcR9PwAT

Request Chain 255

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2de420a3-0165-4cb1-adbf-9ebb89bab0f9 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAb19SgAT

Request Chain 256

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8509317639024795850 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAFtm2gAR

Request Chain 257

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bf37616f-a5b8-4700-bd72-1287d96bfc0a&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAKfFmonQA6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YW_luQAKfFmonQA6&gdpr=0&gdpr_consent=&_test=YW_luQAKfFmonQA6

Request Chain 258

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7731849333306481492&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAcR9TwAT

Request Chain 259

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tqxDDOGoF1OtqkAOuK9YC-L8RQ6tpU0L4qv26B0w HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAKfRuomgA6

Request Chain 260

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1A7016B9-61FC-41D8-A230-160928EEB3A7&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1A7016B9-61FC-41D8-A230-160928EEB3A7&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Eg10gv9E2uWE0w_knPix8DJXPSgIB.M-~A&gdpr=0&gdpr_consent=

Request Chain 263

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 267

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7731849333306481492

Request Chain 269

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW.luZ5G1GJA6Oe4vtvPrwAA%261135

Request Chain 270

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=10a48cab46e5dc3e83464d75

Request Chain 272

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP9c99fa34-3164-11ec-8b7b-020b1bec13a0 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP9c99fa34-3164-11ec-8b7b-020b1bec13a0

Request Chain 273

https://x.bidswitch.net/sync?ssp=consumable HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=c06e85f0-aa6a-5325-b97b-5b95d814fe2c&ssp=consumable&expires=30&user_group=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8

Request Chain 275

https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1 HTTP 302
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9

Request Chain 276

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east

Request Chain 283

https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID HTTP 302
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=7731849333306481492

Request Chain 284

https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40 HTTP 302
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=

Request Chain 285

https://sync.bfmio.com/syncb?pid=164 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9

Request Chain 286

https://sync.bfmio.com/syncb?pid=163 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9

Request Chain 287

https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=9cd615ae-3164-11ec-b218-141922060206 HTTP 302
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=9cd61574-3164-11ec-b218-141922060206

Request Chain 289

https://trc.taboola.com/sg/synacor-ssp-network/1/rtb-h/?taboola_hm=1 HTTP 302
https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=5354f3e2-51ce-48b7-95b2-adbfe366e9d7-tuct8692b39&query=taboola_hm%3D1&isDirect=0

Request Chain 290

https://sync.1rx.io/usersync2/rmpssp?sub=synacor HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6524352934 HTTP 302
https://sync.1rx.io/usersync/tradedesk/2de420a3-0165-4cb1-adbf-9ebb89bab0f9 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ef1c6d43-6474-4f69-9b64-63a034da2b72-003?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-ef1c6d43-6474-4f69-9b64-63a034da2b72-003 HTTP 302
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-ef1c6d43-6474-4f69-9b64-63a034da2b72-003

Request Chain 291

https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=16767551-4aa8-4f41-a43b-0bba3409b797

Request Chain 292

https://ups.analytics.yahoo.com/ups/58266/sync?redir=true HTTP 302
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-5b9oPAxE2uHvahK9hzGQekLsLVCLPik1~A

Request Chain 293

https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D HTTP 302
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YW.luZ5G1GJA6Oe4vtvPrwAA%261135

Request Chain 294

https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%% HTTP 302
https://uat-net.technoratimedia.com/services?srv=cs&uid=yJo7UyB7oTyJ&pid=83

Request Chain 295

https://match.bnmla.com/usersync?sspid=1000237&redir=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs%26pid=84%26uid=%5BUUID%5D HTTP 302
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID

Request Chain 298

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D7ED9EE854654FBEB9AFB6DA19F564E4

Request Chain 299

https://j.mrpdata.net/c.html?ex=OpenX HTTP 302
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX

Request Chain 301

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072977&val=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&gdpr=0&gdpr_consent=

Request Chain 303

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW_luQAKfFmonQA6

Request Chain 304

https://green.erne.co/openx/cm HTTP 302
https://pixel.onaudience.com/?mapped=9VAxJ28BQ58GfLv5pQUQXrT6&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253D9VAxJ28BQ58GfLv5pQUQXrT6 HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253D9VAxJ28BQ58GfLv5pQUQXrT6 HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=ddc1bcbd0907e7f2ce8cb506de213328&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253D9VAxJ28BQ58GfLv5pQUQXrT6 HTTP 302
https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D9VAxJ28BQ58GfLv5pQUQXrT6 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=9VAxJ28BQ58GfLv5pQUQXrT6

Request Chain 305

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2528222965152317430&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 306

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=IrdqNdGGiMiMcHtID7DW5A==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 309

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNmYjUzOWM2NmJlYTE0MGU4Mjg2MTMzN2FmNTVjYWRmM2ZlMTliZA

Request Chain 310

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUZ29HFU-27-G7J8&sigv=1&esig=2~ee3671fee82de0c3f6bd57e6f0754cb42098459d

Request Chain 312

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/g3aeR82So56Tc13v-bPbPcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4886388357313020704

Request Chain 314

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VaMjlIRlUtMjctRzdKOA==

Request Chain 315

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=bf37616f-a5b8-4700-bd72-1287d96bfc0a&expires=28

Request Chain 316

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW_luQAKfFmonQA6

334 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nj1015.com/
Redirect Chain

http://nj1015.com/
https://nj1015.com/

275 KB
50 KB

191ms
169ms

Document
text/html

192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

3f2bcc1add65a22137882700bf93a7ab8caf26cad883e9487cac9101978715a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: nj1015.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: gdpr-source=DE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
accept-ranges: bytes
age: 269
cache-control: no-cache
content-type: text/html; charset=utf-8
date: Wed, 20 Oct 2021 05:14:28 GMT
etag: W/"44d65-x22MnCJqs+YkFbMt3utZSw"
expires: Wed, 20 Oct 2021 05:14:27 GMT
gdpr-source: DE
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-abgroup: A
x-cache: HIT
x-device: desktop
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-ua-device: desktop
x-varnish: 1576217882 1576184404
content-length: 50566

Redirect headers

Cache-Control: no-cache
Content-Type: text/html
Date: Wed, 20 Oct 2021 05:14:28 GMT
Expires: Wed, 20 Oct 2021 05:14:27 GMT
gdpr-source: DE
Location: https://nj1015.com/
Server: nginx
Set-Cookie: gdpr-source=DE
X-Frame-Options: SAMEORIGIN
Content-Length: 178

GET
H2 200 base.css
nj1015.com/styles/desktop/ 523 KB
114 KB 7ms
7ms Stylesheet
text/css 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/styles/desktop/base.css?ver=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F3) / Express

Resource Hash

9b4e7e4450d1471bce6804cdcc83539815c77b0054843ca14a39ee98efcdbf52

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /styles/desktop/base.css?ver=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
pragma: no-cache
cookie: gdpr-source=DE
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:28 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 35782
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 116548
last-modified: Tue, 19 Oct 2021 19:18:07 GMT
server: ECS (frb/67F3)
etag: W/"82c2c-ytGweHElpJ7Q3b5VYc5BZA"
x-frame-options: SAMEORIGIN
x-varnish: 1570115846
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 93ms
36ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

a1da608ebf4c9e1e32844c5cdf955ba53c4c3c027e682d1c3413ccf5db28c2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 05:14:28 GMT
server: ESF
date: Wed, 20 Oct 2021 05:14:28 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 75ms
24ms Script
text/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 4402
date: Wed, 20 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 20 Oct 2021 06:01:06 GMT

GET
H2 200 autotrack.carbon.js Show response
townsquare.media/public/resources/js/ 4 KB
2 KB 36ms
7ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/autotrack.carbon.js

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) / Express

Resource Hash

17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:28 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 66114
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2031
last-modified: Thu, 03 Oct 2019 20:12:19 GMT
server: ECS (frb/6793)
etag: W/"119a-16d93407ae3"
x-frame-options: SAMEORIGIN
x-varnish: 536352097 531738577
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
H2 200 script.js Show response
d1180od816jent.cloudfront.net./ 119 KB
39 KB 36ms
8ms Script
application/javascript 52.222.250.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1180od816jent.cloudfront.net./script.js
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-140.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 050f96ca534637b366514f0915cf46696791aada88becb0dd4b41a8256fb9d9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:11:08 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 17:33:39 GMT
server: AmazonS3
age: 201
etag: W/"f52abf0cdf25242455bc45a518d9f506"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: Ip4TIozk1_A1RFvC7Fe_0bNsATmcKk5J7R38QpQHGyXH3FgkXOV5LA==

GET
H2 200 sfp.js Show response
native.sharethrough.com/assets/ 264 KB
73 KB 35ms
7ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp.js
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6f09f791154544eee4b56822bba9b3fb272e61ab7b3f89da0818f9b27bc8264

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 04:57:39 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 19:57:34 GMT
server: AmazonS3
age: 1010
etag: W/"5199c63386a3d28b6d73fa5fb9271dd1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: UwBWsNGAxAZwItx22zFWcF6Kj4hKNz2cIcMv4vTmY-3gAbzRA-9A5g==
expires: Tue, 19 Oct 2021 20:57:33 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 89ms
35ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

f93d1f1b1e57c7bc77f935bdf50636d5192505e9ce8c34e3bd5f962496b044db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1019 / 417 of 1000 / last-modified: 1634681327"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27216
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H/1.1 200
OK 186854-113710634486999.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 49ms
10ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:14:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Oct 2021 03:10:32 GMT
Server: Apache
ETag: "905b90-930b-5cec01efa9cbd"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2170
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12790
Expires: Wed, 20 Oct 2021 05:50:38 GMT

GET
H2 200 pb.js Show response
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/ 312 KB
94 KB 76ms
7ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) / Express

Resource Hash

9ca304dddf1543e3cf8ed96d41181a463f582f529edc8667a0cbc33021f404be

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:28 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 35047
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop, desktop
x-device: carbon, carbon
content-length: 95471
access-control-allow-origin: *
last-modified: Tue, 19 Oct 2021 19:32:58 GMT
server: ECS (frb/668B)
etag: W/"4e0d2-IjwxINfrKBaMZ0zHZwVD1g"
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-varnish: 537261585, 1570295700 1570263069
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 149ms
87ms Script
application/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

ESF /

Resource Hash

e21aa289818ac270e2647b8f04a0b04a78716f57797940f6fea477c6d03b7e56

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Iz91hSUcbfxAm32wxzh/CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "b25f111da50a2c91d2f1bce5d2447ba4"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-Iz91hSUcbfxAm32wxzh/CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H3

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

15ms
7ms

Script
text/javascript

157.240.20.174
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.20.174 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS: instagram-p42-shv-02-frt3.fbcdn.net
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 21:28:21 GMT
content-encoding: br
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4824
priority: u=3,i

Redirect headers

date: Wed, 20 Oct 2021 05:14:28 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: odn
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 nj1015b2.png
townsquare.media/site/385/files/2018/08/ 8 KB
8 KB 36ms
7ms Image
image/png 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2018/08/nj1015b2.png
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) / Express
Resource Hash: 720fe509e6f2cec0f1ab1c8c765b23b30d6075546f68e2785ab014841bde0ded

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:28 GMT
via: 1.1 varnish
age: 27949086
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 7990
last-modified: Sun, 15 Sep 2019 01:48:09 GMT
server: ECS (frb/67C0)
x-varnish: 2895494494 2895483927
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/png
expires: Wed, 20 Oct 2021 05:14:27 GMT

POST
H2 200 cogitoergosum Show response
nj1015.com/rest/high/api/ 128 B
481 B 112ms
112ms XHR
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/rest/high/api/cogitoergosum

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

328e92cbd48405f675fd1b62972c3f9db288c4f1f4d4280d5bb33b21ff656adc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://nj1015.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: gdpr-source=DE; abgroup=A
content-length: 321
:path: /rest/high/api/cogitoergosum
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 20 Oct 2021 05:14:28 GMT
etag: W/"80-NA0TLuZybqnUajPzQ5Iapw"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
set-cookie: cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI4IEdNVCJ9; Max-Age=1800; Path=/; Expires=Wed, 20 Oct 2021 05:44:28 GMT connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; Path=/; Expires=Fri, 19 Nov 2021 05:14:28 GMT; HttpOnly
vary: Accept-Encoding
content-length: 128
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
H2 200 cmp.bundle.js Show response
townsquare.media/public/resources/js/ 185 KB
46 KB 36ms
8ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/cmp.bundle.js

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) / Express

Resource Hash

9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:28 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 34353
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 46582
last-modified: Mon, 26 Oct 2020 18:28:52 GMT
server: ECS (frb/67C2)
etag: W/"2e534-175662b91b7"
x-frame-options: SAMEORIGIN
x-varnish: 538863091 537399270
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 10 KB
4 KB 46ms
8ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:28 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "2988-5b94848b276f9-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 3813
expires: Wed, 20 Oct 2021 05:29:28 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 71ms
33ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding: gzip
etag: e2b905aea413c4d7479fb2bb9cbc6c65
age: 257
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1VSMXRBH40MSSYHS11AG
date: Wed, 20 Oct 2021 05:10:29 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68d.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: PjUXuIa_Mse6HWuJEGG64l2nTlJPeK4Ry7u0DhEGhvcE5uV9pEVVcQ==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 46ms
11ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:14:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (frb/6712)
Age: 1055
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29104

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 43ms
12ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

fcb6d2f383550c2992f0d725f81223ead4ca307f56af41cead9a0a0982d8cb0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ipHLZ2HaWtuPelNdrMp9Tw==
cross-origin-resource-policy: cross-origin
expires: Wed, 20 Oct 2021 05:28:22 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: o9W3przWzl5CFwTLoOaI9/Lv/htj3//8p5910yoKBb22FMA5anL9CY+Uqyz9KX/Trw7oXrRhXIeVcTlYSzDjDw==
x-fb-trip-id: 686109401
x-fb-content-md5: 7ac5061cd06cb53186e763d085db4b3d
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 20 Oct 2021 05:14:28 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6e022298ab605b84569438ce381a5603"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 43ms
13ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: wEAK+89WEHDmEKgg1dx4QJFsQkuk16zVGRWJcjJe64zr6Sc5vRAIsEzTJ1MRnjgmPQvb5+Q42hTkgCDzT0XbmQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 20 Oct 2021 05:14:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 NJ1015_bg-2.jpg
townsquare.media/site/385/files/2018/06/ 155 KB
156 KB 11ms
10ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2018/06/NJ1015_bg-2.jpg
Requested by: Host: nj1015.com
URL: https://nj1015.com/styles/desktop/base.css?ver=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) / Express
Resource Hash: 5f73aa06d8df02a1b0fa5441cbcae3f93edb479c92a8b1c2ddf5d92dfa72d578

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:28 GMT
via: 1.1 varnish
age: 27946351
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 159180
last-modified: Wed, 11 Sep 2019 17:31:19 GMT
server: ECS (frb/67F2)
x-varnish: 2653371644 2643584579
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
H2 200 nj-header-bg.jpg
townsquare.media/site/385/files/2018/08/ 3 KB
3 KB 19ms
18ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2018/08/nj-header-bg.jpg
Requested by: Host: nj1015.com
URL: https://nj1015.com/styles/desktop/base.css?ver=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6739) / Express
Resource Hash: 51e2529e6e1b696560e8ce848486e41cc52e9952c0b4c3a7e3aab27b13364e92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:28 GMT
via: 1.1 varnish
age: 27949118
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 2688
last-modified: Tue, 17 Sep 2019 21:05:15 GMT
server: ECS (frb/6739)
x-varnish: 2643111985 2642973862
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
H2 200 instagram-icon.png
nj1015.com/public/assets/img/nav/ 9 KB
9 KB 8ms
7ms Image
image/png 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nj1015.com/public/assets/img/nav/instagram-icon.png
Requested by: Host: nj1015.com
URL: https://nj1015.com/styles/desktop/base.css?ver=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) / Express
Resource Hash: 64d2653d551fc8075979181b1d93b46f8a0f58dbc0b7b47480304a12b011c65e

Request headers

:path: /public/assets/img/nav/instagram-icon.png
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: nj1015.com
referer: https://nj1015.com/styles/desktop/base.css?ver=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/styles/desktop/base.css?ver=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:28 GMT
via: 1.1 varnish
age: 27948607
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 9483
last-modified: Thu, 03 Oct 2019 21:10:26 GMT
server: ECS (frb/67D5)
etag: W/"250b-16d9375af84"
x-varnish: 2895609329
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/png
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
H2 200 attachment-RS44196_GettyImages-1193312195.jpg
townsquare.media/site/385/files/2021/10/ 64 KB
64 KB 23ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-RS44196_GettyImages-1193312195.jpg?w=980&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D27) / Express

Resource Hash

9fc31e3a210b3f0cea5aa7f6e48fd83dcdcbc96e69f92db7e4dc7f9f1bac5e5a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:28 GMT
via: 1.1 varnish
age: 26634
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 65400
last-modified: Tue, 19 Oct 2021 21:50:08 GMT
server: ECS (lcy/1D27)
x-frame-options: SAMEORIGIN
x-varnish: 538877556
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
H2 200 nj1015-promo.jpg
townsquare.media/site/385/files/2018/01/ 3 KB
3 KB 21ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2018/01/nj1015-promo.jpg
Requested by: Host: nj1015.com
URL: https://nj1015.com/styles/desktop/base.css?ver=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) / Express
Resource Hash: 7b0bb9cd525a386744d13b2034574f2e2d33ecf2926f8b98134511bfee225968

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:28 GMT
via: 1.1 varnish
age: 27948607
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 3348
last-modified: Tue, 17 Sep 2019 21:05:15 GMT
server: ECS (frb/6724)
x-varnish: 2895609330
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
H2 200 attachment-eric.jpg
townsquare.media/site/385/files/2021/10/ 10 KB
11 KB 22ms
21ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-eric.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668D) / Express

Resource Hash

936332d37352aec5e0e4b8116d19fe55904afa0ea87cb3f8e3bade004a324b44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:28 GMT
via: 1.1 varnish
age: 1091044
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 10678
last-modified: Thu, 07 Oct 2021 14:09:47 GMT
server: ECS (frb/668D)
x-frame-options: SAMEORIGIN
x-varnish: 1394663232
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
DATA 200
OK truncated
/ 50 KB
50 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Referer
Origin: https://nj1015.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: font/opentype;charset=utf-8

GET
H2 200 main.bundle.82576c9117170fd9d7254bf8574d5670e518945b.js Show response
townsquare.media/public/dist/desktop/ 1 MB
321 KB 7ms
7ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/dist/desktop/main.bundle.82576c9117170fd9d7254bf8574d5670e518945b.js?mver=120&gver=3

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) / Express

Resource Hash

f9a67822b5b9e0439a21702b8018c9da6154f6e06a4658d9426b87e7627f4bd1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:28 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 35617
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 327986
last-modified: Thu, 07 Oct 2021 19:11:36 GMT
server: ECS (frb/67E2)
etag: W/"1153e9-17c5c2b087d"
x-frame-options: SAMEORIGIN
x-varnish: 537148690
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:27 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 111ms
54ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nj1015.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 03:54:04 GMT
x-content-type-options: nosniff
age: 91224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Oct 2022 03:54:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 88ms
43ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nj1015.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:40 GMT
x-content-type-options: nosniff
age: 564168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 59ms
23ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nj1015.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 128811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 17:27:37 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 87ms
62ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nj1015.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 04:06:08 GMT
x-content-type-options: nosniff
age: 90500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Oct 2022 04:06:08 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 62ms
62ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nj1015.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 14:00:18 GMT
x-content-type-options: nosniff
age: 227650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15604
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 17 Oct 2022 14:00:18 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 71ms
26ms XHR
text/plain 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-9718777-7&cid=476914858.1634706869&jid=272732476&gjid=318026611&_gid=906317624.1634706869&_u=aGBAgAADAAAAAE~&z=1929046496

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Oct 2021 05:14:29 GMT
content-type: text/plain
access-control-allow-origin: https://nj1015.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 64ms
26ms XHR
text/plain 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-19109753-1&cid=476914858.1634706869&jid=2022821703&gjid=83687852&_gid=906317624.1634706869&_u=aGDAgAADAAAAAE~&z=1217188969

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Oct 2021 05:14:29 GMT
content-type: text/plain
access-control-allow-origin: https://nj1015.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 57ms
27ms XHR
text/plain 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-9718777-25&cid=476914858.1634706869&jid=2103954625&gjid=533891181&_gid=906317624.1634706869&_u=aGDAgAADAAAAAE~&z=515530488

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Oct 2021 05:14:29 GMT
content-type: text/plain
access-control-allow-origin: https://nj1015.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
406 B 49ms
26ms XHR
text/plain 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-28825804-1&cid=476914858.1634706869&jid=998875940&gjid=701151562&_gid=906317624.1634706869&_u=aGDAgAADAAAAAE~&z=318840834

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Oct 2021 05:14:29 GMT
content-type: text/plain
access-control-allow-origin: https://nj1015.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 37ms
27ms XHR
text/plain 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-45260060-4&cid=476914858.1634706869&jid=258311211&gjid=985555320&_gid=906317624.1634706869&_u=aGDAgAADAAAAAE~&z=1532973276

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Oct 2021 05:14:29 GMT
content-type: text/plain
access-control-allow-origin: https://nj1015.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 25ms
23ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=990329378&t=pageview&_s=1&dl=https%3A%2F%2Fnj1015.com%2F&ul=en-us&de=UTF-8&dt=New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAD~&jid=272732476&gjid=318026611&cid=476914858.1634706869&tid=UA-9718777-7&_gid=906317624.1634706869&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Aug%2030%202017&cd6=16%3A21&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&did=i5iSjo&z=2124487113

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 16:02:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47501
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 26ms
24ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=990329378&t=pageview&_s=1&dl=https%3A%2F%2Fnj1015.com%2F&ul=en-us&de=UTF-8&dt=New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADAAAAAE~&jid=2022821703&gjid=83687852&cid=476914858.1634706869&tid=UA-19109753-1&_gid=906317624.1634706869&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Aug%2030%202017&cd6=16%3A21&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&did=i5iSjo&z=1114867141

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 16:02:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47501
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 26ms
25ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=990329378&t=pageview&_s=1&dl=https%3A%2F%2Fnj1015.com%2F&ul=en-us&de=UTF-8&dt=New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADAAAAAE~&jid=2103954625&gjid=533891181&cid=476914858.1634706869&tid=UA-9718777-25&_gid=906317624.1634706869&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Aug%2030%202017&cd6=16%3A21&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&did=i5iSjo&z=2043679140

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 16:02:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47501
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 26ms
25ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=990329378&t=pageview&_s=1&dl=https%3A%2F%2Fnj1015.com%2F&ul=en-us&de=UTF-8&dt=New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADAAAAAE~&jid=998875940&gjid=701151562&cid=476914858.1634706869&tid=UA-28825804-1&_gid=906317624.1634706869&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Aug%2030%202017&cd6=16%3A21&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&did=i5iSjo&z=1462329330

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 16:02:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47501
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 33ms
32ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=990329378&t=pageview&_s=1&dl=https%3A%2F%2Fnj1015.com%2F&ul=en-us&de=UTF-8&dt=New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADAAAAAE~&jid=258311211&gjid=985555320&cid=476914858.1634706869&tid=UA-45260060-4&_gid=906317624.1634706869&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Aug%2030%202017&cd6=16%3A21&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&did=i5iSjo&z=1335677222

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 16:02:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47501
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
324 B 70ms
22ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://nj1015.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
539 B 113ms
36ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 014a2b3cc4d32c0dcc88feedd259ff152dd05fa561f44764d4c98159f6d7ee00

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 05:14:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nj1015.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 19 Nov 2021 05:14:29 GMT

GET
H2 200 pubads_impl_2021101901.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 86ms
32ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063232

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 125444
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 08:35:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 05:14:29 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 220 B
726 B 84ms
31ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nj1015.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

2eeeeed885ffcac3d38a655c8880280be746bcbc40fa8780eca2ada2d749e1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 119
x-xss-protection: 0
expires: Wed, 20 Oct 2021 05:14:29 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 108ms
108ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 145ms
105ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://nj1015.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Wed, 20 Oct 2021 05:14:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 265 KB
75 KB 15ms
7ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a22ba8eaed045c5793ae675cdba25fa8

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

1bb0e6bf69e9bfb3ae25f71e870ffffd892d7d83b4a1e6ec66210c8d47882737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://nj1015.com/
Origin: https://nj1015.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sfdzpAynI3zUqeKV99F2aw==
cross-origin-resource-policy: cross-origin
expires: Thu, 20 Oct 2022 04:02:11 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76547
x-fb-rlafr: 0
x-fb-debug: SrlagQzELoS6R4zweW0C/b/VYTFagVfthJ1l8S/lVn5dMwfMtcAdD3DP5Nkdz0G8nyi1UV84zqHq6TtfsCc5DQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0d951cf3e9535e1642b63a5055025da1
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Oct 2021 05:14:29 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e8eea37bc8df388e151b5954ed989352"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
300 B 100ms
99ms XHR
text/plain 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2Fnj1015.com%2F
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:28 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
access-control-allow-origin: https://nj1015.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: Jb09N6uDSwlBl6nfyn-2fjXDZrIlwQCFa6aWw-Ru32JRJTkIezUBNQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 21ms
7ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 31069
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Wed, 20 Oct 2021 00:09:04 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb9.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: _yegLxO9PIQMoCU6n0mPN565Jkr8hrb3suhGdXHPxKVpUaPwQAy7_A==

GET
H3 200 631470830669776 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 407ms
398ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/631470830669776?v=2.9.47&r=stable

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

19c0bffef3e5137137c79e3281dea3b5110ee141f33ac3853eb2e61f269f698d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 9FMqj0rW8+urCGbdhjTGqSVAdrrnfbZCqCRGc+dm/Rx0OZM4ZslLgdGCVn94508kvaUK27QSYKKJV/6pXxWs5A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 20 Oct 2021 05:14:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 41 KB
15 KB 7ms
6ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "a253-5b94848b276f1-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 14886
expires: Wed, 20 Oct 2021 05:29:29 GMT

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame BC21 319 KB
103 KB 7ms
7ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fnj1015.com
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://nj1015.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 29576
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 20 Oct 2021 05:14:29 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
472 B 95ms
32ms Image
image/gif 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-9718777-7&cid=476914858.1634706869&jid=272732476&_u=aGBAgAADAAAAAE~&z=698413715

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 93ms
35ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-9718777-7&cid=476914858.1634706869&jid=272732476&_u=aGBAgAADAAAAAE~&z=698413715

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cogitoergosum Show response
nj1015.com/rest/high/api/ 128 B
381 B 112ms
112ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/rest/high/api/cogitoergosum

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

74dbbf4f96c3eb18a8a3df70ab6179deee4c2a0bef2f528627602f8d8eb99190

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://nj1015.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: gdpr-source=DE; abgroup=A; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI4IEdNVCJ9; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1
content-length: 314
:path: /rest/high/api/cogitoergosum
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Oct 2021 05:14:29 GMT
etag: W/"80-RKRm3jvqiu42Qvb6AREwGQ"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
set-cookie: cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9; Max-Age=1800; Path=/; Expires=Wed, 20 Oct 2021 05:44:29 GMT
vary: Accept-Encoding
content-length: 128
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 chunk-30.788765602aecaa8aa72d.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 4 KB
2 KB 7ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-30.788765602aecaa8aa72d.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) / Express

Resource Hash

d535e00b2ab51f4e55adc605f29166ffbc211753cd46abd0bf7e80d1e58af21d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-30.788765602aecaa8aa72d.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 36014
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1739
last-modified: Thu, 07 Oct 2021 19:11:31 GMT
server: ECS (frb/673A)
etag: W/"1135-17c5c2af30f"
x-frame-options: SAMEORIGIN
x-varnish: 537065585
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 chunk-28.fd0dfc83ecc1ec9709ce.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 1 KB
687 B 7ms
6ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-28.fd0dfc83ecc1ec9709ce.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) / Express

Resource Hash

313eda090a9ddc20c7000dd1839e141be3c263ff0cdf4e3a5d48348ed6e0b9af

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-28.fd0dfc83ecc1ec9709ce.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 36077
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 590
last-modified: Thu, 07 Oct 2021 19:11:31 GMT
server: ECS (frb/6725)
etag: W/"46a-17c5c2af30b"
x-frame-options: SAMEORIGIN
x-varnish: 537065096 537050925
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 chunk-15.387fb0f104f3121062f5.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 39 KB
12 KB 7ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-15.387fb0f104f3121062f5.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) / Express

Resource Hash

9b9886b9b832e0c6667810601f922d87786a10f0428857c0a02c67a9e2d01884

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-15.387fb0f104f3121062f5.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 36077
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 11693
last-modified: Thu, 07 Oct 2021 19:11:33 GMT
server: ECS (frb/67D3)
etag: W/"9a88-17c5c2afc2d"
x-frame-options: SAMEORIGIN
x-varnish: 537065192 537050916
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 chunk-4.f079555344eee6385632.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 26 KB
8 KB 7ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-4.f079555344eee6385632.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A8) / Express

Resource Hash

94b07e2fd4abce2130f9e0d122c92a79f4d9b7b83c6bf077467aae0c2dfb83e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-4.f079555344eee6385632.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 36061
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 7753
last-modified: Thu, 07 Oct 2021 19:11:39 GMT
server: ECS (frb/67A8)
etag: W/"669c-17c5c2b12e8"
x-frame-options: SAMEORIGIN
x-varnish: 1570054471
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 chunk-34.163c672042aa4ad1bce8.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 920 B
1007 B 8ms
8ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-34.163c672042aa4ad1bce8.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) / Express

Resource Hash

59a49de0bc17d5cd200ff031fec2dc541bbb9d8b6fab93b5a79a0f0cddf7f652

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-34.163c672042aa4ad1bce8.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 35912
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 920
last-modified: Thu, 07 Oct 2021 19:11:33 GMT
server: ECS (frb/6752)
etag: W/"398-17c5c2afc81"
x-frame-options: SAMEORIGIN
x-varnish: 537088599
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 chunk-18.1758499bdcf9e382b134.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 65 KB
17 KB 7ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-18.1758499bdcf9e382b134.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6727) / Express

Resource Hash

1afc2a7dd805586d815ab1dfe5bce337764c161acdf81f12d9d3d2fc2207670a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-18.1758499bdcf9e382b134.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 36052
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 16775
last-modified: Thu, 07 Oct 2021 19:11:36 GMT
server: ECS (frb/6727)
etag: W/"103c9-17c5c2b0859"
x-frame-options: SAMEORIGIN
x-varnish: 1570056542
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 chunk-8.e945cee4fe28d1bd288f.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 10 KB
4 KB 7ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-8.e945cee4fe28d1bd288f.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) / Express

Resource Hash

fdd004ae7234a8c51b4d4679bdd746e6083749eea925da725b881450c7b4b823

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-8.e945cee4fe28d1bd288f.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 36015
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 3498
last-modified: Thu, 07 Oct 2021 19:11:39 GMT
server: ECS (frb/67DF)
etag: W/"286b-17c5c2b12e8"
x-frame-options: SAMEORIGIN
x-varnish: 1570066665 1570065010
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 chunk-1.934d06c0b88de1017a9f.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 984 B
1 KB 13ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-1.934d06c0b88de1017a9f.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D5) / Express

Resource Hash

e0e71c6aba3a59f0d91405ed8daf610bf101545a26bae64c90de3585c52a88c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-1.934d06c0b88de1017a9f.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 36067
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 984
last-modified: Thu, 07 Oct 2021 19:11:32 GMT
server: ECS (frb/67D5)
etag: W/"3d8-17c5c2af7d3"
x-frame-options: SAMEORIGIN
x-varnish: 537052954
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 chunk-2.039cb2d1580138db5062.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 4 KB
2 KB 8ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-2.039cb2d1580138db5062.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BE) / Express

Resource Hash

67e1ba461589803ac8e614b93b470f66188ca857294a2d2363348daec1f266e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-2.039cb2d1580138db5062.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 35912
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1503
last-modified: Thu, 07 Oct 2021 19:11:32 GMT
server: ECS (frb/67BE)
etag: W/"e0f-17c5c2af817"
x-frame-options: SAMEORIGIN
x-varnish: 537088595
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 / Show response
nj1015.com/internal-ad-api/ 58 KB
16 KB 769ms
769ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/internal-ad-api/?kw[]=pagetype-home&kw[]=device-desktop

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx /

Resource Hash

0d656351ffb7deec171b5f1c12bdfa51f332d81a1926ec6db620ab59f84d913b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /internal-ad-api/?kw[]=pagetype-home&kw[]=device-desktop
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: gzip
age: 0
x-cache: MISS
x-ua-device: desktop
x-device: desktop
content-length: 15876
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-varnish: 1576218026
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/json; charset=utf-8
expires: Wed, 20 Oct 2021 05:14:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 403ms
49ms Fetch
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6a0b947bc31edc47818821a1aa76bf7a7a97ae62736414078932ae8266d5c81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50893
x-xss-protection: 0
server: cafe
etag: 18123501066222942552
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 05:14:29 GMT

GET
H2 200 untitled-shoot-03143.jpg
townsquare.media/site/385/files/2016/12/ 20 KB
20 KB 9ms
6ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2016/12/untitled-shoot-03143.jpg?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) / Express
Resource Hash: 53e41f5d9b355117a62f5c5f08351376be92a5bc2a594c9f4d4c2a3bcacb6241

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 14167050
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 20417
last-modified: Sun, 15 Sep 2019 22:11:08 GMT
server: ECS (frb/67C0)
x-varnish: 1990524261
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-image1.jpeg
townsquare.media/site/385/files/2021/10/ 17 KB
17 KB 10ms
6ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-image1.jpeg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) / Express

Resource Hash

c1e1251954ffbd78e1175f171a5dc2a44261f977f12dbf990d2c5a46493dd3b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 57310
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 17783
last-modified: Tue, 19 Oct 2021 13:13:43 GMT
server: ECS (frb/6760)
x-frame-options: SAMEORIGIN
x-varnish: 1566153827
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-RS41605_GettyImages-1146671798.jpg
townsquare.media/site/385/files/2021/10/ 25 KB
25 KB 10ms
6ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-RS41605_GettyImages-1146671798.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) / Express

Resource Hash

d1e2678317b162805cb8fd721ff5d299a6a7ebe0414cec544226d9eef0c98a62

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 400420
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 25604
last-modified: Fri, 15 Oct 2021 13:05:26 GMT
server: ECS (frb/67BC)
x-frame-options: SAMEORIGIN
x-varnish: 480332188 479762344
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-15.jpg
townsquare.media/site/385/files/2021/10/ 13 KB
13 KB 11ms
5ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-15.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6796) / Express

Resource Hash

42f314ed9a561d83b3046fa09c389ef3bfce097099b778b570742e4f2eab05bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 403788
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 13555
last-modified: Fri, 15 Oct 2021 13:03:12 GMT
server: ECS (frb/6796)
x-frame-options: SAMEORIGIN
x-varnish: 1512051343
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-alexandra-fisher-0adP_cE5EHw-unsplash.jpg
townsquare.media/site/385/files/2021/10/ 9 KB
10 KB 11ms
7ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-alexandra-fisher-0adP_cE5EHw-unsplash.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) / Express

Resource Hash

0df929fe53b421dd95e1197b96431e0b48e09c94eac687acb96484875790cd0b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 491128
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 9636
last-modified: Thu, 14 Oct 2021 12:44:56 GMT
server: ECS (frb/67C1)
x-frame-options: SAMEORIGIN
x-varnish: 463916504 463248246
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-colbies.jpg
townsquare.media/site/385/files/2021/10/ 14 KB
14 KB 12ms
5ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-colbies.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669F) / Express

Resource Hash

0cf3f55f0655324f432222980facc8070e11828db2a64b41c7c3da635668a229

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 51997
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 13949
last-modified: Tue, 19 Oct 2021 14:38:54 GMT
server: ECS (frb/669F)
x-frame-options: SAMEORIGIN
x-varnish: 1567092549
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-lc.jpg
townsquare.media/site/385/files/2021/10/ 9 KB
9 KB 11ms
5ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-lc.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) / Express

Resource Hash

12c6858e76aed7c61aa74e276a1e182dbaddf86798fd339889a2a3ab13a79fed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 51997
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 8981
last-modified: Tue, 19 Oct 2021 14:34:44 GMT
server: ECS (frb/6772)
x-frame-options: SAMEORIGIN
x-varnish: 1567092545
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-RS28235_ThinkstockPhotos-538048010.jpg
townsquare.media/site/385/files/2021/10/ 21 KB
21 KB 12ms
6ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-RS28235_ThinkstockPhotos-538048010.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) / Express

Resource Hash

d3fd9e7d05e9e72f4eda977557708af8f4f411089e7e6cd05a42a29a54084f55

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 51998
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 21714
last-modified: Tue, 19 Oct 2021 14:29:23 GMT
server: ECS (frb/6713)
x-frame-options: SAMEORIGIN
x-varnish: 534105239
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-add-weed-tFkScFEdh7c-unsplash.jpg
townsquare.media/site/385/files/2021/10/ 8 KB
8 KB 12ms
6ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-add-weed-tFkScFEdh7c-unsplash.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D5) / Express

Resource Hash

09039e29f8f42a6d279578ec49bc3daba33fac3ad4a67f142a3bd73c5d7eca7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 52178
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 8505
last-modified: Tue, 19 Oct 2021 14:17:08 GMT
server: ECS (frb/67D5)
x-frame-options: SAMEORIGIN
x-varnish: 534072944
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-GettyImages-1192589537.jpeg
townsquare.media/site/385/files/2021/10/ 14 KB
14 KB 27ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-GettyImages-1192589537.jpeg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D50) / Express

Resource Hash

a2c41ad913e3ac31a6228be63394eeb8646722a59e7d7ca4fdc83209e923fe90

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 43282
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 13947
last-modified: Tue, 19 Oct 2021 17:12:41 GMT
server: ECS (lcy/1D50)
x-frame-options: SAMEORIGIN
x-varnish: 535937362 535681040
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 Five-Guys-Howell.jpg
townsquare.media/site/385/files/2020/01/ 14 KB
14 KB 28ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2020/01/Five-Guys-Howell.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D2B) / Express

Resource Hash

8befec1d36f95a54fe37a692a67bbd22937c0d77a4f95753934572412a318f41

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 44289
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 14148
last-modified: Wed, 22 Jan 2020 18:09:12 GMT
server: ECS (lcy/1D2B)
x-frame-options: SAMEORIGIN
x-varnish: 535494658
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 Papermill-Playhouse.jpg
townsquare.media/site/385/files/2021/05/ 17 KB
17 KB 16ms
3ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/05/Papermill-Playhouse.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6776) / Express

Resource Hash

f3c0f53c1345c28c6ad76f44663e643a317f487a5497421d8066b566f47da38e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 130013
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 17067
last-modified: Fri, 21 May 2021 16:25:01 GMT
server: ECS (frb/6776)
x-frame-options: SAMEORIGIN
x-varnish: 521666149 521585097
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-Hunterdon-County-Technical-Rescue-Task-Force-Call-1.jpg
townsquare.media/site/385/files/2021/10/ 16 KB
16 KB 15ms
3ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-Hunterdon-County-Technical-Rescue-Task-Force-Call-1.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668A) / Express

Resource Hash

1fc06d4ff47162b68447941c294ede663c35c727ecf794d282535ce70a205210

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 131279
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 15876
last-modified: Mon, 18 Oct 2021 17:15:06 GMT
server: ECS (frb/668A)
x-frame-options: SAMEORIGIN
x-varnish: 521666196 521355637
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-GettyImages-1347096121.jpg
townsquare.media/site/385/files/2021/10/ 27 KB
27 KB 17ms
6ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-GettyImages-1347096121.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) / Express

Resource Hash

879b36dcb564a3b55022348cf21e9fa989bc123dae72a309a2082e6f0d6b9004

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 41381
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 27145
last-modified: Tue, 19 Oct 2021 17:46:15 GMT
server: ECS (frb/67A7)
x-frame-options: SAMEORIGIN
x-varnish: 1569040334 1569023628
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-Deneen-and-the-kids.jpg
townsquare.media/site/385/files/2021/10/ 11 KB
11 KB 18ms
6ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-Deneen-and-the-kids.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) / Express

Resource Hash

81d388a296fa2ab8233235374c7a8c3609838f7d6cec4ccaf40e0134506d0a98

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 41892
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11371
last-modified: Tue, 19 Oct 2021 17:18:24 GMT
server: ECS (frb/6738)
x-frame-options: SAMEORIGIN
x-varnish: 536050821 535939708
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-Mayo-coffee-1.jpg
townsquare.media/site/385/files/2021/10/ 12 KB
12 KB 20ms
8ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-Mayo-coffee-1.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) / Express

Resource Hash

206942b1da64538e8d297f8676de28e3064b00441cb20b2e98b885efa5816835

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 434953
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 12686
last-modified: Fri, 15 Oct 2021 01:50:06 GMT
server: ECS (frb/6724)
x-frame-options: SAMEORIGIN
x-varnish: 474581934
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-_storage_3039-6631_DCIM_Camera_20180705_195632.jpg
townsquare.media/site/385/files/2021/10/ 18 KB
18 KB 18ms
7ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-_storage_3039-6631_DCIM_Camera_20180705_195632.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67AA) / Express

Resource Hash

91468441ec3dfbf632bba6ce2032a5594cdaef33f8ed5a3419f6b19da9c28c38

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 434953
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 18341
last-modified: Thu, 14 Oct 2021 23:49:47 GMT
server: ECS (frb/67AA)
x-frame-options: SAMEORIGIN
x-varnish: 474582031
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-ep-1.jpg
townsquare.media/site/385/files/2021/10/ 21 KB
21 KB 28ms
17ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-ep-1.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D39) / Express

Resource Hash

c793e0c6939966b2873ccb7847438c0b2e9021dcc7bc69428dcfd3fb6f139c67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 8989
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 21449
last-modified: Tue, 19 Oct 2021 23:10:07 GMT
server: ECS (lcy/1D39)
x-frame-options: SAMEORIGIN
x-varnish: 541916763
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-RS33210_GettyImages-936987338-scr.jpg
townsquare.media/site/385/files/2021/06/ 12 KB
12 KB 31ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/06/attachment-RS33210_GettyImages-936987338-scr.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D63) / Express

Resource Hash

9e4ca8a037e0fa84945ca3df9665c9e41ed9385b721af7343f48140ca37b48d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 8989
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11899
last-modified: Thu, 17 Jun 2021 13:50:16 GMT
server: ECS (lcy/1D63)
x-frame-options: SAMEORIGIN
x-varnish: 1574925859
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 jail-cell.jpg
townsquare.media/site/385/files/2019/03/ 15 KB
15 KB 35ms
24ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2019/03/jail-cell.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D3F) / Express

Resource Hash

44092bcd444906ea231d6bd9dc001f633ab4b3c27befa6a5165a17be81b28375

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 8989
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 15411
last-modified: Fri, 06 Dec 2019 03:00:22 GMT
server: ECS (lcy/1D3F)
x-frame-options: SAMEORIGIN
x-varnish: 541916766
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 Man-Stressed-Over-Money.jpg
townsquare.media/site/385/files/2021/10/ 9 KB
9 KB 30ms
18ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/Man-Stressed-Over-Money.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D62) / Express

Resource Hash

1a0d982e5f4d4477187db9c541b4931dbc75ad715cefd978ec494642f84f2196

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 22753
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 8871
last-modified: Tue, 19 Oct 2021 22:55:17 GMT
server: ECS (lcy/1D62)
x-frame-options: SAMEORIGIN
x-varnish: 539577621
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-cp-1.jpg
townsquare.media/site/385/files/2021/10/ 21 KB
21 KB 33ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-cp-1.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D56) / Express

Resource Hash

357091aad5e94874a186fc3cae498ec3518669d76dec5761fa13a1d7f04b45c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 24770
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 21190
last-modified: Tue, 19 Oct 2021 22:17:39 GMT
server: ECS (lcy/1D56)
x-frame-options: SAMEORIGIN
x-varnish: 1572231415
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-Wyckoff-protest-arrests-Monday-Boyd-A.-Loving.jpg
townsquare.media/site/385/files/2021/10/ 23 KB
23 KB 33ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-Wyckoff-protest-arrests-Monday-Boyd-A.-Loving.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D47) / Express

Resource Hash

9a1424ce361538f352604934ef77302d129ba9488ecf11cfc40db270ddc342e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 25041
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 23870
last-modified: Tue, 19 Oct 2021 22:06:23 GMT
server: ECS (lcy/1D47)
x-frame-options: SAMEORIGIN
x-varnish: 1572231424 1572180806
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-RS44196_GettyImages-1193312195.jpg
townsquare.media/site/385/files/2021/10/ 12 KB
12 KB 39ms
25ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-RS44196_GettyImages-1193312195.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D27) / Express

Resource Hash

a30b5bf7dfca5612e72c5494c09539e4f85e4e917b72a081a60b9b822c50d33c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 26333
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 12234
last-modified: Tue, 19 Oct 2021 21:50:41 GMT
server: ECS (lcy/1D27)
x-frame-options: SAMEORIGIN
x-varnish: 539084276 538935731
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-Untitled3.jpg
townsquare.media/site/385/files/2021/10/ 7 KB
7 KB 19ms
6ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-Untitled3.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) / Express

Resource Hash

b14fa49ed0b27e12cfec45f0a86fef00f3610687d4eb7bb8be6af465dc0e51d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 40158
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 7255
last-modified: Tue, 19 Oct 2021 17:53:47 GMT
server: ECS (frb/6723)
x-frame-options: SAMEORIGIN
x-varnish: 1569252105
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-Robert-Smith.jpg
townsquare.media/site/385/files/2021/10/ 10 KB
10 KB 19ms
5ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-Robert-Smith.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668A) / Express

Resource Hash

d9b56ef5a334106d61a7d86ba259f2ba8a6efeeeb7d068517d8e71d2a998b1cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 42520
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 10369
last-modified: Tue, 19 Oct 2021 17:46:17 GMT
server: ECS (frb/668A)
x-frame-options: SAMEORIGIN
x-varnish: 536051422 535825266
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 RS31855_IMG_0425.jpg
townsquare.media/site/385/files/2020/12/ 18 KB
18 KB 20ms
6ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2020/12/RS31855_IMG_0425.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) / Express

Resource Hash

fb7c210168ca8297e94d551b750f4cd2e1d60cbb368073ee6696e2f2be6aa96f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 41292
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 18380
last-modified: Thu, 17 Dec 2020 02:01:49 GMT
server: ECS (frb/6724)
x-frame-options: SAMEORIGIN
x-varnish: 1569040927
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-passaic1.jpg
townsquare.media/site/385/files/2021/10/ 22 KB
22 KB 33ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-passaic1.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) / Express

Resource Hash

aeb6414a2b2ee920a1d73fe8827d78e2a36abff7b99a7b3ad9b1dbab519cf6e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 44301
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 22106
last-modified: Tue, 19 Oct 2021 16:29:09 GMT
server: ECS (frb/6723)
x-frame-options: SAMEORIGIN
x-varnish: 1568482970
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-RS816_156498695.jpg
townsquare.media/site/385/files/2021/10/ 12 KB
12 KB 19ms
6ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/10/attachment-RS816_156498695.jpg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) / Express

Resource Hash

5c3d776db96ff4e94d33d6492ad12055a69fce66f11f4a49489d091438c1e954

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 48408
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 12119
last-modified: Tue, 19 Oct 2021 15:56:14 GMT
server: ECS (frb/6725)
x-frame-options: SAMEORIGIN
x-varnish: 1567823679 1567727203
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 ES-Headshot.jpg
townsquare.media/site/385/files/2017/09/ 12 KB
12 KB 36ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2017/09/ES-Headshot.jpg?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) / Express
Resource Hash: b417a99bba6265ca4e3aeb48bdba0e47c63a3db47f11cce31a6d2091a1fd1307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 9769323
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11829
last-modified: Tue, 10 Sep 2019 12:27:45 GMT
server: ECS (frb/6738)
x-varnish: 1446090784 1444780552
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 DSC02556.jpg
townsquare.media/site/385/files/2018/05/ 18 KB
18 KB 35ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2018/05/DSC02556.jpg?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) / Express
Resource Hash: cff186bf01947992d639f5eccf69e30ed53f340ec2792bbcb14aca39ef95a6d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 27949122
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 17957
last-modified: Wed, 11 Sep 2019 12:00:58 GMT
server: ECS (frb/6772)
x-varnish: 2895652130 2895471576
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 Pinups-for-Mental-Health-Awareness-51.jpg
townsquare.media/site/385/files/2018/05/ 15 KB
15 KB 23ms
10ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2018/05/Pinups-for-Mental-Health-Awareness-51.jpg?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668A) / Express
Resource Hash: be341a62bf77e28e4c6af3db5d48edc8f8b80392c3bffa4e6b41ad864205b0d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 27948841
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 15756
last-modified: Tue, 17 Sep 2019 21:05:50 GMT
server: ECS (frb/668A)
x-varnish: 2643130272 2643051348
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 untitled-shoot-03060.jpg
townsquare.media/site/385/files/2017/06/ 16 KB
16 KB 22ms
8ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2017/06/untitled-shoot-03060.jpg?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) / Express
Resource Hash: f90dd1ff5f6de7e00ccd7854cc500e0576139505e550ff698f505eba24421027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 27948523
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16475
last-modified: Tue, 10 Sep 2019 12:27:45 GMT
server: ECS (frb/67E2)
x-varnish: 2895628113
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 DSC00982.jpg
townsquare.media/site/385/files/2018/01/ 21 KB
21 KB 21ms
8ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2018/01/DSC00982.jpg?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) / Express
Resource Hash: 162a68e430e6979c941528208678741ec98e2881d137a2e6169acd6417be304e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 27949148
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 21750
last-modified: Tue, 17 Sep 2019 21:05:51 GMT
server: ECS (frb/67BD)
x-varnish: 2643130367 2642962127
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 DSC09275.jpg
townsquare.media/site/385/files/2017/06/ 16 KB
17 KB 23ms
10ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2017/06/DSC09275.jpg?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) / Express
Resource Hash: 7ab119b87f63417004d27c1b65b94f0a929fcf06f118bdc27473198acd7a9dc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 27949123
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16863
last-modified: Thu, 12 Sep 2019 00:31:28 GMT
server: ECS (frb/6794)
x-varnish: 2895628151 2895471356
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 untitled-shoot-03047.jpg
townsquare.media/site/385/files/2017/06/ 16 KB
17 KB 23ms
11ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2017/06/untitled-shoot-03047.jpg?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A7) / Express
Resource Hash: e7e50fa796a4c70e7870716a9326e339eb5f7e8d7ba392884b184d0195007872

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 9641558
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16874
last-modified: Thu, 12 Sep 2019 01:53:18 GMT
server: ECS (frb/67A7)
x-varnish: 2416452900
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 DSC02832.jpg
townsquare.media/site/385/files/2018/05/ 20 KB
20 KB 26ms
10ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2018/05/DSC02832.jpg?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) / Express
Resource Hash: 49e7f91865c021485f672fcdde5619f80a6cd81dcb1a9462a2f4a962a53b2881

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 20397605
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 19990
last-modified: Thu, 12 Sep 2019 15:28:30 GMT
server: ECS (frb/6795)
x-varnish: 2123986359
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 DSC02441.jpg
townsquare.media/site/385/files/2018/05/ 17 KB
18 KB 26ms
11ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2018/05/DSC02441.jpg?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) / Express
Resource Hash: c2b69369466f46dcd91d21754fd5222fb07341509ba7a14816781822471f86f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 27947743
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 17916
last-modified: Tue, 17 Sep 2019 21:05:51 GMT
server: ECS (frb/6762)
x-varnish: 2895789657
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 attachment-craigallen.jpeg
townsquare.media/site/385/files/2021/09/ 17 KB
17 KB 27ms
13ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2021/09/attachment-craigallen.jpeg?w=300&q=75

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) / Express

Resource Hash

2a37615e1c222d73b4bc79ddd0c9a7906b33d530cbd648c8a19744f07fca969e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 2207483
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 17171
last-modified: Fri, 24 Sep 2021 14:56:02 GMT
server: ECS (frb/6794)
x-frame-options: SAMEORIGIN
x-varnish: 2725220548
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 nj-app.jpg
townsquare.media/site/385/files/2016/10/ 17 KB
17 KB 28ms
14ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2016/10/nj-app.jpg?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) / Express
Resource Hash: a98c1a2bc83007c9add743353ce0ede6e9e71d5984bd2f16fb9747a745653fb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 27948742
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16921
last-modified: Tue, 24 Sep 2019 15:12:57 GMT
server: ECS (frb/67C0)
x-varnish: 2896076207 2895577150
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H2 200 TSI_Promo.png
townsquare.media/site/1/wp-content/uploads/2016/03/ 49 KB
49 KB 24ms
9ms Image
image/png 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/1/wp-content/uploads/2016/03/TSI_Promo.png?w=300&q=75
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) / Express
Resource Hash: e5ea85a5339dee1209a92903a2245c02ffe0b9cc264f0804ea04aba2680b0681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 28222757
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 50329
last-modified: Wed, 20 Sep 2017 17:43:47 GMT
server: ECS (frb/6724)
x-varnish: 2643430625 2609727224
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/png
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 308ms
32ms Image
image/gif 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-19109753-1&cid=476914858.1634706869&jid=2022821703&_u=aGDAgAADAAAAAE~&z=1422056241

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 306ms
38ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-19109753-1&cid=476914858.1634706869&jid=2022821703&_u=aGDAgAADAAAAAE~&z=1422056241

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
425 B 257ms
9ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=254982&u=https%3A%2F%2Fnj1015.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:29 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.111.39], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://nj1015.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Wed, 20 Oct 2021 05:14:29 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
369 B 301ms
106ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=272477&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22108c53b73899f7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnj1015.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%224.41.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222de420a3-0165-4cb1-adbf-9ebb89bab0f9%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-10-20T05%3A14%3A29%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22232d6b15aa14bb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22302cda071bc6eb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272478%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22422c2a625b35e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272479%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22526614c0cdcb4a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272480%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22676a728e409812%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272494%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22232d6b15aa14bb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22302cda071bc6eb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272478%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 08777f3b45a881fb635787f8f2bd9ae32aea79a9ee0cb88596df05da836085dc

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.111.39], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nj1015.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Wed, 20 Oct 2021 05:14:29 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 842 B
1 KB 343ms
159ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

80db474dab782fd8993349438b71d9322b0963535e73798a09e02240288f387c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 05:14:30 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 216.131.111.39; 216.131.111.39; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 49868b93-d966-4e60-8990-7482d09dd453
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://nj1015.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 174 B
557 B 217ms
49ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnj1015.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e6fc3184-6ce6-4a38-a9b4-f81dc8bcde24%2Ce72dc636-3c35-4132-a988-15bb0dfab598%2Cea9c308e-da4d-4a05-825c-8678db4a42a6%2Cca8af704-70d3-4ec3-a389-6698b96215d8%2C61fa29d7-b8b5-4632-bf75-df6eecf4511f%2C763d7726-5ad1-4ccd-af9c-15bca3b458e2&nocache=1634706869543&aus=300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C728x90%7C970x250%7C300x250&divids=tsm-ad-300b%2Ctsm-ad-300c%2Ctsm-ad-728a%2Ctsm-ad-728b%2Ctsm-ad-970a%2Ctsm-ad-maintop-300a&aucs=%2C%2C%2C%2C%2C&auid=539829446%2C539829446%2C539829446%2C539829446%2C539829446%2C539829446&aumfs=250%2C250%2C250%2C250%2C250%2C250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: fa00b22a66787bf941b80c1cb093e2fe83f222cd5012500966ea423096d359b6

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
server: OXGW/16.217.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://nj1015.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
446 B 298ms
95ms XHR
text/plain 18.66.97.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=nj1015.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 018ffb575888f1c9ec960e3e977c042f.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://nj1015.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: KYZj05MHOXjt1gHx88WULZkPTbP4aAqLRjMsG6TUXMgjDRiooMgUnQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 330 B
448 B 204ms
19ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 01b1b72e70c5e0b2c3ca1d8cfb390e389a0a37b2a143a41031c909d4450dc5b8

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nj1015.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
1 KB 240ms
41ms XHR
application/json 52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=9150&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 223d9c8689c39003b0585d7b46633ff2e9afe6b380609a3f3be61643d154bdea

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://nj1015.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
1 KB 246ms
48ms XHR
application/json 52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=9151&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c3273ecdc0e1b71057b8a0c51ba13a5f52ef8b4b5450b01c40b178f6e4956f02

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://nj1015.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 259ms
61ms XHR
application/json 52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=9152&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c162064c8a2093a006fc78778e17e6bc731331b4b53ced8d6f63b3228b5e5bf8

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://nj1015.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 231ms
33ms XHR
application/json 52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=9153&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3b9ea3ee50fff9060f7ea53fce65183fa6e29a7eca93f308d9d7b822570f1d1b

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://nj1015.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
1 KB 330ms
133ms XHR
application/json 52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=9176&pi=3&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 718036acfccc6c6abd503c6a7ab7a605ef9385479c413e9449b251c0cbeebfab

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://nj1015.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
244 B 239ms
50ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nj1015.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 20 Oct 2021 05:14:29 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 198 B
772 B 253ms
54ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2257097674f5734e%22%3A%22810bf2d7e35a61283050%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fhome%22%2C%2258401fbcd3b5433%22%3A%227fbd8d4749c511640249%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fhome%22%2C%2259cdcc7d094b231%22%3A%22ea7911e26d411186eb66%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fhome%22%2C%2260ddaff8a0f8ff4%22%3A%226e36ff2b933db31e890f%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fhome%22%2C%2261bbd8b7577675f%22%3A%2288e31f49e54a033259c1%7C970x250%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fhome%22%2C%226296d6d7e14356%22%3A%22c04745a2e2f71ae36abf%7C300x250%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fhome%22%7D&ref=https%3A%2F%2Fnj1015.com%2F&s=ade795e9-186b-48c0-9017-21bfccd63552&pv=b1ee4e80-1751-4c1d-ad64-16c1ac9bb444&vp=desktop&lib_name=prebid&lib_v=4.41.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

47ef35af3460ce34fe6c9a209e3a518d5f7ef2d557336f936774dd2a8cca4837

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:29 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://nj1015.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 163
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
260 B 305ms
119ms XHR
application/json 3.125.147.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.41.0&referrer=https%3A%2F%2Fnj1015.com%2F&tmax=2000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.147.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-147-153.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:29 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nj1015.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
980 B 485ms
271ms XHR
application/json 167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: f422113c3e8ad6af34ceb262a3a9e8cf01b36ebc973d798ddf1cf97d778cac47

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nj1015.com
date: Wed, 20 Oct 2021 05:14:29 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 200ms
7ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nj1015.com
date: Wed, 20 Oct 2021 05:14:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
673 B 189ms
13ms XHR
application/json 3.121.182.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22e13e5695-4552-4429-87cb-bafe668b8a28%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1634706869554%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%228337ff05cbbced8%22%3A%22_aDJRj7ybNG%22%2C%22841da7aa43001aa%22%3A%22_aDJRj7ybNG%22%2C%2285cc92a5d878db%22%3A%22_wPlmCMrvTH%22%2C%228621c3dfe1ed71a%22%3A%22_wPlmCMrvTH%22%2C%2287db0e446cbe91e%22%3A%22_wPlmCMrvTH%22%2C%22886dbbe92eec1fe%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%228337ff05cbbced8%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22841da7aa43001aa%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%2285cc92a5d878db%22%3A%5B%5B728%2C90%5D%5D%2C%228621c3dfe1ed71a%22%3A%5B%5B728%2C90%5D%5D%2C%2287db0e446cbe91e%22%3A%5B%5B970%2C250%5D%5D%2C%22886dbbe92eec1fe%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300b%22%2C%22transactionId%22%3A%22e6fc3184-6ce6-4a38-a9b4-f81dc8bcde24%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%228337ff05cbbced8%22%2C%22bidderRequestId%22%3A%22823b51941b2071e%22%2C%22auctionId%22%3A%22a7543fdc-2225-41c6-bfcc-36a19f48a5f4%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300c%22%2C%22transactionId%22%3A%22e72dc636-3c35-4132-a988-15bb0dfab598%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%22841da7aa43001aa%22%2C%22bidderRequestId%22%3A%22823b51941b2071e%22%2C%22auctionId%22%3A%22a7543fdc-2225-41c6-bfcc-36a19f48a5f4%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728a%22%2C%22transactionId%22%3A%22ea9c308e-da4d-4a05-825c-8678db4a42a6%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2285cc92a5d878db%22%2C%22bidderRequestId%22%3A%22823b51941b2071e%22%2C%22auctionId%22%3A%22a7543fdc-2225-41c6-bfcc-36a19f48a5f4%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728b%22%2C%22transactionId%22%3A%22ca8af704-70d3-4ec3-a389-6698b96215d8%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%228621c3dfe1ed71a%22%2C%22bidderRequestId%22%3A%22823b51941b2071e%22%2C%22auctionId%22%3A%22a7543fdc-2225-41c6-bfcc-36a19f48a5f4%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-970a%22%2C%22transactionId%22%3A%2261fa29d7-b8b5-4632-bf75-df6eecf4511f%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%2287db0e446cbe91e%22%2C%22bidderRequestId%22%3A%22823b51941b2071e%22%2C%22auctionId%22%3A%22a7543fdc-2225-41c6-bfcc-36a19f48a5f4%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-maintop-300a%22%2C%22transactionId%22%3A%22763d7726-5ad1-4ccd-af9c-15bca3b458e2%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%22886dbbe92eec1fe%22%2C%22bidderRequestId%22%3A%22823b51941b2071e%22%2C%22auctionId%22%3A%22a7543fdc-2225-41c6-bfcc-36a19f48a5f4%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fnj1015.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.182.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-182-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://nj1015.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 283ms
92ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fnj1015.com%2F&kw=tsm-ad-300b&tk_flint=pbjs_lite_v4.41.0&x_source.tid=e6fc3184-6ce6-4a38-a9b4-f81dc8bcde24&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1965491764374474
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 660bba340d15cde5acfe7f2fd0f39570eb8393f221aff910b87e7f6c47c37016

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://nj1015.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 284ms
93ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fnj1015.com%2F&kw=tsm-ad-300c&tk_flint=pbjs_lite_v4.41.0&x_source.tid=e72dc636-3c35-4132-a988-15bb0dfab598&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5049442124786199
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fcd7d69699a870199b674a1e46d91c176ed932fe15a3a2bda29bba6456f5fa13

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://nj1015.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
1 KB 278ms
86ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnj1015.com%2F&kw=tsm-ad-728a&tk_flint=pbjs_lite_v4.41.0&x_source.tid=ea9c308e-da4d-4a05-825c-8678db4a42a6&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6387689190797261
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4acb33dc8d89a6c766b4d9dd6930c38d1c8523d70f014f648a16e92acc7b9a40

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://nj1015.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
1 KB 269ms
77ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=2&rf=https%3A%2F%2Fnj1015.com%2F&kw=tsm-ad-728b&tk_flint=pbjs_lite_v4.41.0&x_source.tid=ca8af704-70d3-4ec3-a389-6698b96215d8&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6597965407020636
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a3ae1e0bf23d194228a34a97a53feba2dd2828a390ced18eacc4cd340a568b77

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://nj1015.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 265ms
73ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=57&p_pos=atf&rf=https%3A%2F%2Fnj1015.com%2F&kw=tsm-ad-970a&tk_flint=pbjs_lite_v4.41.0&x_source.tid=61fa29d7-b8b5-4632-bf75-df6eecf4511f&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5062406710181457
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0c0bd50ad8e172b4668c5346c725cb3be7c8b6352b096c12e266f46ef6c09a80

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://nj1015.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 265ms
74ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=15&p_pos=atf&rf=https%3A%2F%2Fnj1015.com%2F&kw=tsm-ad-maintop-300a&tk_flint=pbjs_lite_v4.41.0&x_source.tid=763d7726-5ad1-4ccd-af9c-15bca3b458e2&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.408734471454111
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=82576c9117170fd9d7254bf8574d5670e518945b&mver=120&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 07025834a81ea9218ceb12430a7ca3c7be31df4a5d9c1c874f9fb7d1786c47c1

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://nj1015.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 415 B
618 B 167ms
2ms XHR
application/json 64.158.223.146
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=336
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.158.223.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: 146.vip.crm-node2.ams5.cnvr.net
Software: nginx /
Resource Hash: 33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:29 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://nj1015.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 415
expires: Wed, 20 Oct 2021 05:44:29 GMT

GET
H2 200 chunk-33.12d0075d4a6a5dedf024.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 740 B
828 B 7ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-33.12d0075d4a6a5dedf024.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) / Express

Resource Hash

2037bd2b8429338ca2b02dfbbe80f2f90fa1bd86fd5180836f95f9b578a74ad4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-33.12d0075d4a6a5dedf024.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 varnish
age: 35912
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 740
last-modified: Thu, 07 Oct 2021 19:11:39 GMT
server: ECS (frb/67F2)
etag: W/"2e4-17c5c2b12e4"
x-frame-options: SAMEORIGIN
x-varnish: 537088607
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:28 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 241 KB
82 KB 93ms
24ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

8432fe5a456796e06b8a4a07ceebbcbafa9e7000d52f64554265f2d1a1db38d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 21:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 83961
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 21:44:40 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 29EE 2 KB
2 KB 113ms
50ms Document
text/html 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

ESF /

Resource Hash

1930188b53b4c773e79a47c3dec0de8f6b02d1f5c95cb55b5118c389bcd34bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 20 Oct 2021 05:14:29 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=sYhL4A8YJbo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Thu, 24-Jan-2019 05:14:29 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+341; expires=Fri, 20-Oct-2023 05:14:29 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 738 B
509 B 87ms
23ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

028603e12a60db253d6ae87adbaa27bd28f78bb4b1b3a9e7da70f89c86cd8534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 21:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 483
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 21:49:52 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 49ms
30ms Fetch
text/plain 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1096102534197907&input_token&origin=1&redirect_uri=https%3A%2F%2Fnj1015.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: pJOkiC1qoOdBT7cEucWS//5xc/mcFZ8jIs/57T2xaWAJ0f3C7Vv8VO6flykJmZotXfq2tBm6QK+jtoyF56+HmQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Wed, 20 Oct 2021 05:14:29 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nj1015.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/v2.8/plugins/ Frame B74A 0
2 KB 26ms
25ms Document
text/html 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1096102534197907&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e0df920ce8cd%26domain%3Dnj1015.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnj1015.com%252Ff23c71d7b40ac18%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.facebook.com%2Fnj1015&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.8/plugins/like.php?action=like&app_id=1096102534197907&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e0df920ce8cd%26domain%3Dnj1015.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnj1015.com%252Ff23c71d7b40ac18%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.facebook.com%2Fnj1015&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: Iq4jHteWGlr2n7bbjJi2Zxe+6uEc4j+Fi0exH/uNHega7Ut5DNHjHfYK6QqFZoJl3XnNT8L98E9JBAqlK3Z2Uw==
content-length: 0
date: Wed, 20 Oct 2021 05:14:29 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
530 B 48ms
48ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fnj1015.com%2F&pid=IiVEZAATj0iNk&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-970a%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-maintop-300a%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-300b%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-300c%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-728a%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-728b%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:29 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 6YM1JXVK6VCKAEPRZRZF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nj1015.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: Bw_ZeKiHrsldPOuKPPD_ooUIP7lzQ905imqkTB8U0K-ljoBtwfC73Q==

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=631470830669776&ev=PageView&dl=https%3A%2F%2Fnj1015.com%2F&rl=&if=false&ts=1634706869836&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634706869824.13511798&it=1634706869018&coo=false&exp=p0&rqm=GET

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 20 Oct 2021 05:14:29 GMT

POST
H2 200 cogitoergosum Show response
nj1015.com/rest/high/api/ 22 B
131 B 111ms
110ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/rest/high/api/cogitoergosum

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://nj1015.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9; _fbp=fb.1.1634706869824.13511798; blingblocksession=1
content-length: 107
:path: /rest/high/api/cogitoergosum
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Oct 2021 05:14:30 GMT
etag: W/"16-9TAjjH5B1CRTDKLX0cVR1g"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
vary: Accept-Encoding
content-length: 22
expires: Wed, 20 Oct 2021 05:14:29 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
31ms XHR
text/plain 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=990329378&t=event&_s=1&dl=https%3A%2F%2Fnj1015.com%2F&ul=en-us&de=UTF-8&dt=New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=detection&el=off&_u=6GDAAAADAAAAAG~&jid=578005595&gjid=1147923917&cid=476914858.1634706869&tid=UA-115003007-7&_gid=906317624.1634706869&_r=1&_slc=1&did=i5iSjo&z=233441940

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nj1015.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame BC21 232 B
431 B 126ms
109ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=87e341ec990f236417f930edd38af49dfe2f8ae5

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fnj1015.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 05:14:30 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 57ad148a4bfba2d6bab134a660ad8e8de75027c9da30ba4c810152b587a1eef6
content-length: 166

GET
H2 200 gdpr-cmp-bootstrap.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 307 KB
68 KB 61ms
9ms Script
application/javascript 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 267d1daed09d9ecec5f1e21bb6fe93e6eb9b65a051b7c07e966dfcda10f9e812

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 18:20:57 GMT
server: Apache
etag: "4ccb2-5cc99935cd436-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 69040

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 29EE 38 KB
6 KB 24ms
23ms Stylesheet
text/css 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 08:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Oct 2022 08:56:23 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 29EE 252 KB
72 KB 25ms
25ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 08:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Oct 2022 08:09:38 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 5F17 566 B
880 B 96ms
36ms Document
text/html 142.250.181.237
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fnj1015.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.237 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f13.1e100.net

Software

ESF /

Resource Hash

80b2f2453e844930d91e57c8e95ec0574e32f976037081ee19562fdd6947afd7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BN2WUAdr04KSB/WbMT1Gsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fnj1015.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=jzINWiXIxEfDfoMBKqV4c5p57qGdatL_q0VNZ1lq8aNQObmTVm4G9L1o8INshHSQ4TQOlPRXbon9eHad3B50F5O_qmhsio_v_MdcHAPu_JBtg9EJ8CrX4A8h_YvL9ePWB_e3IyL-QzfY5qGwplW98Xr8k6t3Pve_crXmaAp4S8g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 20 Oct 2021 05:14:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-BN2WUAdr04KSB/WbMT1Gsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 29EE 156 B
177 B 24ms
23ms Image
image/png 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 08:57:26 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 73024
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 156
x-xss-protection: 0
expires: Wed, 19 Oct 2022 08:57:26 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 29EE 125 KB
41 KB 25ms
25ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

e05e0cd6e07cc40ce5a92fca6cb78c2b64706a3a33f912cb26d64f8046166681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 21:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41810
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 21:44:48 GMT

GET
H2 200 euconsent Show response
api.conversant.mgr.consensu.org/ 105 B
289 B 120ms
64ms XHR
application/json 64.158.223.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/euconsent?configId=10164&cmpVersion=3.5.0&c=84681798573
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-usadmm.dotomi.com
Software: nginx /
Resource Hash: 3d937fa7346d3b795355d54a229f86ecba67bd668d1b3019041bdc1903346724

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://nj1015.com
date: Wed, 20 Oct 2021 05:14:30 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx
vary: Origin
content-type: application/json

GET
H/1.1 200
OK button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js Show response
platform.twitter.com/js/ 7 KB
3 KB 9ms
8ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:14:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:51 GMT
Server: ECS (frb/6712)
Age: 29577
Etag: "e8090d17c9828f5a217bebb39dd3e689+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H2 200 index.js Show response
tags.remixd.com/player/v5/ 30 KB
9 KB 38ms
9ms Script
application/javascript 18.66.122.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/index.js
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f86acce052971c1b2c180d0efc7f8114899de3af7a45659d35265ea6c8b34786

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:13:48 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 11:54:34 GMT
server: AmazonS3
age: 89
etag: W/"57e6d516aaee946bf9fac43bcfbe989a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: Um-owVKW7W5g-zKm40Xsl6DNbp0Z7i1K3AcF4uNBfG2XEZn1KHgLvA==

GET
H2 200 index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 415 KB
123 KB 730ms
683ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 33ecfe782294d19b91eb7a9566929dc72047b11ad026d5397de348012ff938a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:31 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 14:45:45 GMT
etag: "6b4ffc0df2991bf5acaa423cae5b1e8e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 6000
accept-ranges: bytes
content-length: 124954

GET
H2 200 teju-webclient.min.js Show response
static.solutionshindsight.net/teju-webclient/ 82 KB
23 KB 34ms
7ms Script
application/javascript 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7eefb9ef28d5915e4e20369d9c2e20bf2e514b04d4010bcdbb6a8ac10aeae174

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:04:26 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 15:30:29 GMT
server: AmazonS3
age: 625
etag: "527f2a08d83eb217a0dcbaa504ca9aed"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0341da327f4c4c49034aa07ebeeab1f1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 23458
x-amz-cf-id: RUkNCahoP66-otV1W-yRc2UFp4reZAh_o5KlrwC-rIycN9yidHfw2Q==

GET
H2 200 hotjar-1749163.js Show response
static.hotjar.com/c/ 5 KB
2 KB 48ms
9ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1749163.js?sv=6

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

862264443e689205050b8e70784263076b09e228e8ec5ce57a94d484b92363cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 8
etag: W/ef2cb634cafbe139bd8ea5ba6015c5fa
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: yOFe3Aq-t8B_Q8Jnm6RUvBaEUapUwxPtXx7ZUIoogtQYaU3_n_Fl4w==
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)

GET
H2 200 2607672972-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 5F17 10 KB
5 KB 87ms
27ms Script
text/javascript 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2607672972-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fnj1015.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 08:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4308
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 02:16:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="federated-signon-mpm-access"
expires: Sat, 15 Oct 2022 08:47:45 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 5F17 13 KB
5 KB 64ms
63ms Script
application/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

ESF /

Resource Hash

7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NbAO40ym2WZnt2PE3I5I/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "998951b1d5405dad0418a425bf80cab9"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-NbAO40ym2WZnt2PE3I5I/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Wed, 20 Oct 2021 05:14:30 GMT

GET
H/1.1 200
OK follow_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html Show response
platform.twitter.com/widgets/ Frame BAE4 36 KB
14 KB 8ms
7ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 97fea9dcfcea4baf6f72f7228a1a50560a67c9e3d1a82582d9d41f11085631f6

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://nj1015.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 29576
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 20 Oct 2021 05:14:30 GMT
Etag: "c645eaa597e9d4a92f2a306087a45087+gzip"
Last-Modified: Mon, 18 Oct 2021 18:31:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6712)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13629

GET
H2 200 bmoxMDE1LmNvbQ%3D%3D Show response
static.solutionshindsight.net/assets/ 2 KB
1 KB 26ms
11ms Fetch
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/assets/bmoxMDE1LmNvbQ%3D%3D
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 412066e0bbed90e039b96695f47201f6c41ed6a80956eae271943e45f6b1a3e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Mon, 13 Sep 2021 19:46:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: W/"53c8b086a9dcb1b5720c5d37f381c4df"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
date: Wed, 20 Oct 2021 05:14:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 7CpF1soNkVV9ycV3SFzkjOcbSyThTj2ApwIakaGNv1N_G3qMA8X92g==
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 28 KB
9 KB 24ms
24ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_2

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

5f847db4533eab27256bef8347c883fc4c23233a80272933fea4352ef2ed1a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 21:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9531
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 21:44:48 GMT

GET
H2 200 vendor-list.json Show response
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/ 290 KB
37 KB 26ms
7ms XHR
application/json 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c9d2748d96fd95c196d8324e1d54a6687b9c457200743595296311f1355207bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 16:15:01 GMT
server: Apache
etag: "4870e-5ce52617ae686-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 37330

GET
H2 200 modules.a781ddf321f3456bdb6f.js Show response
script.hotjar.com/ 222 KB
59 KB 34ms
8ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a781ddf321f3456bdb6f.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

ffcffad8689299e55e26c56cd30d145407515175be19d3bee0b21325e28973d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 09:07:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59836
access-control-allow-origin: *
last-modified: Fri, 15 Oct 2021 09:07:04 GMT
etag: "67449d2fea2c8c43e209959c85a6770b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 34fdfb7c7c11559df7e622af2b62f5cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: EydiIBoft4c9wU6FaXhVg8sZmxxuuzovEyLBpFVqY0aXI6UjvjBj6Q==

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 5F17 50 KB
18 KB 24ms
23ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 21:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18151
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 21:44:48 GMT

GET
DATA 200
OK truncated
/ Frame BAE4 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=631470830669776&ev=Microdata&dl=https%3A%2F%2Fnj1015.com%2F&rl=&if=false&ts=1634706870345&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio%22%2C%22meta%3Adescription%22%3A%22NJ1015.com%2C%20the%20website%20of%20New%20Jersey%20101.5%2C%20Townsquare%20Media%27s%20WKXW-FM%20Radio%2C%20with%20the%20best%20news%2C%20weather%20and%20traffic%20coverage%20in%20New%20Jersey.%22%2C%22meta%3Akeywords%22%3A%22new%20jersey%20news%2C%20news%20new%20jersey%2C%20news%20radio%20new%20jersey%2C%20new%20jersey%20news%20radio%2C%20new%20jersey%20talk%20radio%2C%20talk%20radio%20new%20jersey%2C%20new%20jersey%5C%5C%27s%20first%20news%2C%20traffic%2C%20weather%2C%20school%20closings%2C%20business%2C%20health%2C%20nation%2C%20world%2C%20entertainment%2C%20sports%2C%20nj101.5%2C%20new%20jersey%20101.5%2C%20nj%20101.5%2C%20WKXW%2C%20WKXW-FM%2C%20WKXW%20FM%2C%20WKXWFM%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio%22%2C%22og%3Adescription%22%3A%22NJ1015.com%2C%20the%20website%20of%20New%20Jersey%20101.5%2C%20Townsquare%20Media%27s%20WKXW-FM%20Radio%2C%20with%20the%20best%20news%2C%20weather%20and%20traffic%20coverage%20in%20New%20Jersey.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnj1015.com%2F%22%2C%22og%3Asite_name%22%3A%22New%20Jersey%20101.5%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ftownsquare.media%2Fsite%2F385%2Ffiles%2F2018%2F08%2Fnj1015b2.png%3Fw%3D250%26zc%3D1%26s%3D0%26a%3Dt%26q%3D90%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634706869824.13511798&it=1634706869018&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 20 Oct 2021 05:14:30 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame C48E 604 B
296 B 52ms
52ms Document
text/html 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

ESF /

Resource Hash

261265bf646d13a728e3c8edb873bed62feef98fdf5a356efff1eb655c37b040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
cookie: YSC=sYhL4A8YJbo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 20 Oct 2021 05:14:30 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Thu, 24-Jan-2019 05:14:30 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+553; expires=Fri, 20-Oct-2023 05:14:30 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 53ms
22ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 13:18:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 402976
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 15 Oct 2022 13:18:14 GMT

GET
H3 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 51ms
22ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 17:43:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 559861
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Oct 2022 17:43:29 GMT

GET
H3 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
339 B 45ms
23ms Image
image/png 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 20:45:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 203343
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Mon, 17 Oct 2022 20:45:27 GMT

GET
H3 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
137 B 44ms
22ms Image
image/png 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 04:17:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 89799
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 116
x-xss-protection: 0
expires: Wed, 19 Oct 2022 04:17:51 GMT

GET
H3 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
140 B 43ms
21ms Image
image/png 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 13:46:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 401254
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 15 Oct 2022 13:46:56 GMT

GET
H2 200 box-3333a05ac05419926bfc064e06a742b1.html Show response
vars.hotjar.com/ Frame A859 2 KB
1 KB 33ms
7ms Document
text/html 18.66.139.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-3333a05ac05419926bfc064e06a742b1.html
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 815099f427b52d9ed44b6a8e5820e030f91edc83ff9036af91d244790da18520

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-3333a05ac05419926bfc064e06a742b1.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 15 Oct 2021 09:07:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "5714afe29acafadac58f3f7dcf18fd6b"
last-modified: Fri, 15 Oct 2021 09:07:04 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d39.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: J54l6ih5luRkoUmD70zQGL6_5POh5vALyk-_j4bhHG0NB3uzCweCWQ==
age: 418045

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
116 B 90ms
64ms XHR
text/plain 64.158.223.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-usadmm.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nj1015.com
date: Wed, 20 Oct 2021 05:14:30 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H2 200 gdpr-cmp-ui.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 326 KB
82 KB 7ms
7ms Script
application/javascript 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6dbfba471ede6d5d286947ae471abb02656ff5cc5f69374dd133ed2ba11e86c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 18:20:57 GMT
server: Apache
etag: "5169b-5cc99935ce3d4-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 83207

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
328 B 116ms
116ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fnj1015.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22nj1015%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1634706870452%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 20 Oct 2021 05:14:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 57ad148a4bfba2d6bab134a660ad8e8de75027c9da30ba4c810152b587a1eef6
x-transaction: 40e2b97a1254cd60
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame C48E 9 KB
2 KB 24ms
24ms Stylesheet
text/css 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 06:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Oct 2022 06:35:00 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame C48E 149 KB
44 KB 25ms
25ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Oct 2022 13:08:19 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1749163/ 146 B
323 B 98ms
33ms XHR
application/json 52.16.211.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1749163/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.a781ddf321f3456bdb6f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.211.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-211-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 en.json Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/ 4 KB
1 KB 7ms
7ms XHR
application/json 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 18:20:57 GMT
server: Apache
etag: "f30-5cc99935cff3c-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1178

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
115 B 69ms
69ms XHR
text/plain 64.158.223.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-usadmm.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nj1015.com
date: Wed, 20 Oct 2021 05:14:30 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame C48E 125 KB
41 KB 31ms
31ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

e05e0cd6e07cc40ce5a92fca6cb78c2b64706a3a33f912cb26d64f8046166681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 21:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41810
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 21:44:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
40 KB 82ms
29ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

998ffdf5c0108d64882bca1222045816eb83f5179157d5c0565c4ef7344b460a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40640
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Oct 2021 05:14:30 GMT

GET
H2 200 tag Show response
btloader.com/ 47 KB
11 KB 78ms
31ms Script
application/javascript 104.26.7.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1810a29de502fbe12f94c149e6af6f4001de6df01ccec6a9da0f2b5824a683cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a0fc356effa4257-LHR
date: Wed, 20 Oct 2021 05:14:30 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 977
etag: W/"c28fedca8e2553fcfbcac4e17132c2a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2uAt%2Ft2nkJsExNdIiH%2BBJ24FlRnqyyMy4wVuy2H6KgMa6rGzicOeW624rAUurVFsNU0eeDFn%2BtBsFEpFW%2BHUmm7k87eFApcxCDfYmY9UOTda5%2BNuPBmX6RopvW4HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
content-encoding: br

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24

5 B
254 B

368ms
358ms

Script
text/html

104.18.11.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a0fc35918012163-DUS
content-language: de-DE
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html;charset=ISO-8859-1

Redirect headers

date: Wed, 20 Oct 2021 05:14:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24
cf-ray: 6a0fc356dd0e2163-DUS

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24

5 B
587 B

133ms
125ms

Script
text/html

104.18.11.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a0fc35918032163-DUS
content-language: de-DE
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html;charset=ISO-8859-1

Redirect headers

date: Wed, 20 Oct 2021 05:14:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
cf-ray: 6a0fc356dd102163-DUS

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 24ms
8ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 02:23:37 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 10254
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 5ysFojNfSxMIrleYdoEKf7ekVLAWBgm_QGuKGMO9n5HBCdF_Cg6QwQ==

GET
H2 200 pubcid.min.js Show response
townsquare.media/public/resources/js/ 57 KB
18 KB 7ms
7ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/pubcid.min.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) / Express

Resource Hash

f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 53423
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 18369
last-modified: Tue, 30 Mar 2021 01:10:25 GMT
server: ECS (frb/67BD)
etag: W/"e26f-17880ae892d"
x-frame-options: SAMEORIGIN
x-varnish: 534835184 533853393
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:29 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
685 B 70ms
21ms Image
image/x-icon 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 09:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 09:15:29 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
923 B 66ms
24ms Image
image/gif 172.67.69.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.21880568660485578
Requested by: Host: nj1015.com
URL: https://nj1015.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Wed, 20 Oct 2021 05:14:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2872
x-guploader-uploadid: ABg5-UwIVocq8Pej-IyrhyQP70qMn0-j0BYJ2GXr_P5APEDeUATu5Qr8OVbJfBCiXfuVsVKPjcAtYDqLNnPX994KtpY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5btiB%2F7Jh1QeRYaXCm%2BHXeUmpJaOjsovE%2FKdKzI%2F6Zo%2BRjEKASW8TzpaR9b90ri4nxWqq%2BuN3jUt4XWhl%2F7VzHsn1qIG1Yxhm7zqjNIqx9uoeucPFJ1F2zp66ZmVvGwcg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6a0fc3576fe53b9d-CDG
expires: Wed, 20 Oct 2021 05:26:38 GMT

GET
H3 200 613172405857271 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 162ms
162ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/613172405857271?v=2.9.47&r=stable

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

49c39869fae35705852a449ced6b41870e1ae112e87ceda2637cb6dd0c7c5944

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: KLho72pc6x39y6R06sHwyUSjaqKsOI1kJpR+pYiDfDGh7kieuSFp1o91/pLU05Y8puiTztcEZsUSuIfjBUOOvQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 20 Oct 2021 05:14:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 pv Show response
api.btloader.com/ 0
96 B 189ms
128ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=FJw6Eu9uF&w=5633661832527872&o=5642230212591616&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fnj1015.com%2F&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 20 Oct 2021 05:14:31 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: clear
via: 1.1 google

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 365 KB
54 KB 66ms
35ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

43384959783d38f24dbd5628f107a49a78cf91b421e08782b4758a9b896360fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55637
x-xss-protection: 0
expires: Wed, 20 Oct 2021 05:14:31 GMT

GET
H2 200 geo Show response
cdn.mmctsvc.com/.mc/ 58 B
419 B 65ms
46ms Fetch
application/json 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/.mc/geo
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d7ea423aa6b3c67d811ba1ce6367a67b5880166d717fcd9d582f13e88047497

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:31 GMT
content-encoding: gzip
last-modified: 2017-01-13
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 6000
content-length: 75

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=613172405857271&ev=PageView&dl=https%3A%2F%2Fnj1015.com%2F&rl=&if=false&ts=1634706871011&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1634706869824.13511798&it=1634706869018&coo=false&exp=p0&rqm=GET

Requested by

Host: nj1015.com
URL: https://nj1015.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 20 Oct 2021 05:14:31 GMT

POST
H2 200 impressions
promotions.minutemediaservices.com/ 0
0 488ms
451ms Ping
application/json 13.32.99.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.minutemediaservices.com/impressions
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-16.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 403 nj1015.com Show response
pubcast-files.remixd.com/player-configs/ 111 B
472 B 180ms
140ms Fetch
application/xml 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubcast-files.remixd.com/player-configs/nj1015.com
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:31 GMT
server: UploadServer
x-guploader-uploadid: ADPycdud4n6CdQGhOO57Rv7egDlumXPjMOdKyCmDV7xClsYv5UNShodJtyx29LJEIPB4HMy4GstJrvNEC7y984yl9xw
content-type: application/xml; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
alt-svc: clear
content-length: 111
expires: Wed, 20 Oct 2021 05:14:31 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=613172405857271&ev=Microdata&dl=https%3A%2F%2Fnj1015.com%2F&rl=&if=false&ts=1634706871513&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio%22%2C%22meta%3Adescription%22%3A%22NJ1015.com%2C%20the%20website%20of%20New%20Jersey%20101.5%2C%20Townsquare%20Media%27s%20WKXW-FM%20Radio%2C%20with%20the%20best%20news%2C%20weather%20and%20traffic%20coverage%20in%20New%20Jersey.%22%2C%22meta%3Akeywords%22%3A%22new%20jersey%20news%2C%20news%20new%20jersey%2C%20news%20radio%20new%20jersey%2C%20new%20jersey%20news%20radio%2C%20new%20jersey%20talk%20radio%2C%20talk%20radio%20new%20jersey%2C%20new%20jersey%5C%5C%27s%20first%20news%2C%20traffic%2C%20weather%2C%20school%20closings%2C%20business%2C%20health%2C%20nation%2C%20world%2C%20entertainment%2C%20sports%2C%20nj101.5%2C%20new%20jersey%20101.5%2C%20nj%20101.5%2C%20WKXW%2C%20WKXW-FM%2C%20WKXW%20FM%2C%20WKXWFM%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio%22%2C%22og%3Adescription%22%3A%22NJ1015.com%2C%20the%20website%20of%20New%20Jersey%20101.5%2C%20Townsquare%20Media%27s%20WKXW-FM%20Radio%2C%20with%20the%20best%20news%2C%20weather%20and%20traffic%20coverage%20in%20New%20Jersey.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnj1015.com%2F%22%2C%22og%3Asite_name%22%3A%22New%20Jersey%20101.5%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ftownsquare.media%2Fsite%2F385%2Ffiles%2F2018%2F08%2Fnj1015b2.png%3Fw%3D250%26zc%3D1%26s%3D0%26a%3Dt%26q%3D90%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1634706869824.13511798&it=1634706869018&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 20 Oct 2021 05:14:31 GMT

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 440C
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

9ms
9ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 2f1e675f2ce9803e08ceb2ae10986adbe731af5f133bc7f5e74f2cf842916617

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
cookie: tluid=12624249444246853543
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
content-type: text/html; charset=utf-8
content-length: 465
set-cookie: sync=CgoIgQIQn7f94MkvCgoI4gEQn7f94MkvCgoI5gEQn7f94MkvCgoIhwIQn7f94MkvCgkICRCft_3gyS8KCQg6EJ-3_eDJLwoJCAsQn7f94MkvCgoIjAIQn7f94MkvCgoIzgEQn7f94MkvCgkIXxCft_3gyS8=; Max-Age=7776000; Expires=Tue, 18 Jan 2022 05:14:33 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=12624249444246853543; Max-Age=7776000; Expires=Tue, 18 Jan 2022 05:14:33 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Wed, 20 Oct 2021 05:14:33 GMT
content-length: 0
set-cookie: tluid=12624249444246853543; Max-Age=7776000; Expires=Tue, 18 Jan 2022 05:14:33 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 501B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=bf37616f-a5b8-4700-bd72-1287d96bfc0a&gdpr=1&gdpr_consent=

35 B
237 B

44ms
35ms

Document
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=bf37616f-a5b8-4700-bd72-1287d96bfc0a&gdpr=1&gdpr_consent=
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=bf37616f-a5b8-4700-bd72-1287d96bfc0a&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
cookie: cs=true; loc=SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggGFXoqrKYmvNRYbDiv5cjMZA; vst=e_fd31f898-b662-438a-a225-ae08c725c62d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3984 0e3af3b master zrh-pixel-x27 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=bf37616f-a5b8-4700-bd72-1287d96bfc0a; domain=.mathtag.com; path=/; expires=Thu, 17-Nov-2022 05:14:32 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=bf37616f-a5b8-4700-bd72-1287d96bfc0a&gdpr=1&gdpr_consent=
Expires: Wed, 20 Oct 2021 05:14:32 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6146 38 KB
14 KB 35ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=103803
expires: Thu, 21 Oct 2021 10:04:36 GMT
date: Wed, 20 Oct 2021 05:14:33 GMT
vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 8490 1006 B
861 B 31ms
25ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: ac35ef850c04d9b1703908a7e5b6923eb06d5037f41b61608886fae0284e33cd

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
cookie: i=2e4ddf50-d187-0e11-30d2-ff17b88edfa3|1634706869
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=2e4ddf50-d187-0e11-30d2-ff17b88edfa3|1634706869; Version=1; Expires=Thu, 20-Oct-2022 05:14:33 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634706873|mOgeginskin0vNomiygu; Version=1; Expires=Thu, 04-Nov-2021 05:14:33 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.217.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Oct 2021 05:14:33 GMT
content-type: text/html
content-length: 543
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame C18A 2 KB
1 KB 7ms
7ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://nj1015.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Wed, 20 Oct 2021 05:14:33 GMT
Connection: keep-alive

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame F8C6 21 KB
8 KB 59ms
36ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c35e8f056a211a308b07c31c7ede0cb984808e2effdb8bcf9b22ba476ef63739

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sat, 23 Apr 2022 05:14:33 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Fri, 22 Oct 2021 05:14:33 GMT
date: Wed, 20 Oct 2021 05:14:33 GMT
content-length: 7778

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame 3A6C 9 KB
3 KB 47ms
6ms Document
text/html 18.66.97.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fe69124b7da8ef9870f67e0a05a6b7f17d76aa76b20121580a703df696ce40e

Request headers

:method: GET
:authority: cdn.undertone.com
:scheme: https
:path: /js/usersync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

content-type: text/html
x-amz-replication-status: COMPLETED
last-modified: Wed, 06 Oct 2021 14:57:28 GMT
x-amz-version-id: ZYVaSYMkko8_M0fa4kKdlwZQWzXnHpnx
server: AmazonS3
content-encoding: gzip
date: Tue, 19 Oct 2021 19:45:18 GMT
etag: W/"fd97e71746377abcf665b323d9eb670c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: VJzniSVCF5n2VGCwDOo1IQ8KI6YwYq2NTPBfTJnO-PSDBwXyBPkbKg==
age: 34156

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 907F 70 B
264 B 33ms
33ms Document
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
cookie: TDID=2de420a3-0165-4cb1-adbf-9ebb89bab0f9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

2000775.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 3D3E
Redirect Chain

https://sync.serverbid.com/ss/2000775.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html

5 KB
5 KB

77ms
15ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

fa18546f5b5a6667698d38979f6142d1342535e5e2a382348f9d4dca5d7d6965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://nj1015.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Connection: Keep-Alive
Cache-Control: max-age=58684
Content-Length: 4811
Content-Type: text/html
Last-Modified: Tue, 08 Dec 2020 16:33:02 GMT
Accept-Ranges: bytes
etag: "d7f9e977559b1f622a29df6af2acb392"
x-amz-request-id: tx0000000000000033172e8-00616f3868-82ef209-nyc3a
age: 268
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-rgw-object-type: Normal
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1634706873.dop244.am5.t,1634706873.cds286.am5.shn,1634706873.dop244.am5.t,1634706873.cds145.am5.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
cache-control: no-cache

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E782 281 B
554 B 30ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://nj1015.com/
Accept-Encoding: gzip, deflate, br
Cookie: rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; khaos=KUZ29HFU-27-G7J8; audit=1|naVuGyos1qoCmHU5ufrZaeNF7N8VGS2LOh91/hZsWhzmXZin+bf4KfyXVrVCwtUQJhsHlJbldDcko6/OPg0GXKZr5ZVxLWDe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
ETag: "403b8-119-5cd3a8e7e6a80"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Oct 2021 05:14:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync
rtb.gumgum.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=7731849333306481492

35 B
237 B

37ms
35ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=7731849333306481492
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
X-Proxy-Origin: 216.131.111.39; 216.131.111.39; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8fcb02fd-4e86-43e2-ab38-4832ec1fd8a1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=7731849333306481492
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=16767551-4aa8-4f41-a43b-0bba3409b797

35 B
237 B

38ms
35ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=16767551-4aa8-4f41-a43b-0bba3409b797
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=16767551-4aa8-4f41-a43b-0bba3409b797
date: Wed, 20 Oct 2021 05:14:33 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET

7.gif
id5-sync.com/c/441/160/3/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOovDa4Q3riWBBu8EogMtZJEMuRKUGC1_2vQDVgQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
https://id5-sync.com/cq/441/916/8/2.gif?puid=16767551-4aa8-4f41-a43b-0bba3409b797&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOovDa4Q3riWBBu8EogMtZJEMuRKUGC1_2vQDVgQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
https://id5-sync.com/cq/441/124/7/3.gif?puid=16767551-4aa8-4f41-a43b-0bba3409b797&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/441/146/6/4.gif?puid=e9ca7de2-7264-4175-81aa-404572b260bd&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDG-nJ5mMDH_pWNRXmJ1sMI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7731849333306481492&opid=apx&ops=&utidl=tech:goo:CAESEDG-nJ5mMDH_pWNRXmJ1sMI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A21682816348&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/19/4/6.gif?puid=ddc1bcbd0907e7f2ce8cb506de213328&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOovDa4Q3riWBBu8EogMtZJEMuRKUGC1_2vQDVgQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
https://id5-sync.com/c/441/160/3/7.gif?puid=41301030295077625958554878856946451938&gdpr=1&gdpr_consent=

0
0

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame C0FB 54 B
326 B 40ms
17ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPOXHkgPOXHkgAXADAENBxCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoO9jTCEMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA&d=https://nj1015.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Wed, 20 Oct 2021 05:14:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
Connection: keep-alive

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8490
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=kMDB6LQ41MD3VT5

43 B
106 B

25ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=kMDB6LQ41MD3VT5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: PingMatch/v2.0.30-689-g30920c0#rel-ec2-master i-0081ebc652be302bb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=kMDB6LQ41MD3VT5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8490
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D...
https://x.bidswitch.net/sync?dsp_id=354&user_id=6324d00c9fb14d059d4b0ba5b30c81ed&ssp=openx&bsw_param=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8&gdpr=&consent=&gdpr_pd=&expires=7
https://us-u.openx.net/w/1.0/sd?id=537072968&val=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8

43 B
106 B

24ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:34 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //us-u.openx.net/w/1.0/sd?id=537072968&val=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8
Date: Wed, 20 Oct 2021 05:14:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8490
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7731849333306481492

43 B
122 B

26ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7731849333306481492
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
X-Proxy-Origin: 216.131.111.39; 216.131.111.39; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4be479c1-999d-4575-9547-983cb33629e4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7731849333306481492
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8490
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHekRrN0MzMHNBQUJXd1JZQVo0Zw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGzDk7C30sAABWwRYAZ4g&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGzDk7C30sAABWwRYAZ4g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3655208771924687483
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGzDk7C30sAABWwRYAZ4g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3655208771924687483%26bee_sync_partners%3Dox%26bee_sync...
https://match.prod.bidr.io/cookie-sync?userid=3655208771924687483&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAGzDk7C30sAABWwRYAZ4g&pid=558502&d...
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGzDk7C30sAABWwRYAZ4g

43 B
106 B

57ms
57ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGzDk7C30sAABWwRYAZ4g
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:34 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGzDk7C30sAABWwRYAZ4g
Date: Wed, 20 Oct 2021 05:14:34 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8490
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bf37616f-a5b8-4700-bd72-1287d96bfc0a

43 B
106 B

27ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bf37616f-a5b8-4700-bd72-1287d96bfc0a
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bf37616f-a5b8-4700-bd72-1287d96bfc0a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 20 Oct 2021 05:14:32 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8490
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3djhSYrctRbG3uJL09v6TomI50vG0e9Oid-85N89

43 B
106 B

26ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3djhSYrctRbG3uJL09v6TomI50vG0e9Oid-85N89
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3djhSYrctRbG3uJL09v6TomI50vG0e9Oid-85N89
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8490
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8509317639024795850

43 B
106 B

26ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8509317639024795850
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8509317639024795850
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 8490 70 B
264 B 38ms
37ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=fde1e009-7800-31e6-6a04-37ffdca9ec5e&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8490
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDE4ZTMzYzMtYjE3Ny02ZjQyLTdmZTQtNmQ0NjE2NGIyMjNl
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDE4ZTMzYzMtYjE3Ny02ZjQyLTdmZTQtNmQ0NjE2NGIyMjNl&google_tc=

170 B
188 B

43ms
24ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDE4ZTMzYzMtYjE3Ny02ZjQyLTdmZTQtNmQ0NjE2NGIyMjNl&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDE4ZTMzYzMtYjE3Ny02ZjQyLTdmZTQtNmQ0NjE2NGIyMjNl&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8490
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPPRqBpKraXyZhg9LfBQTAU&google_cver=1

43 B
106 B

25ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPPRqBpKraXyZhg9LfBQTAU&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPPRqBpKraXyZhg9LfBQTAU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6146 3 KB
3 KB 91ms
22ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76148709&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a9066d622198805586a155860f77c0c2bad49f29c23d6538b71db189b6089908

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 440C 70 B
264 B 37ms
32ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 440C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMivBDHVw5F4Y1lVyOdZ-OQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
353 B

9ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMivBDHVw5F4Y1lVyOdZ-OQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMivBDHVw5F4Y1lVyOdZ-OQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 440C
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2MjQyNDk0NDQyNDY4NTM1NDM%3D
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2MjQyNDk0NDQyNDY4NTM1NDM%3D&google_tc=

170 B
188 B

25ms
25ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2MjQyNDk0NDQyNDY4NTM1NDM%3D&google_tc=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2MjQyNDk0NDQyNDY4NTM1NDM%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 440C 0
462 B 426ms
144ms Image
text/plain 108.174.11.69
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=12624249444246853543&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.11.69 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-11-69.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: pDURnz2lrxYgCEdo1CoAAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame 440C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/12624249444246853543?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-X9GQ14RE2oQsb2a8RyKopJxJEEF281W3JKzY3opEvg--~A&dongle=0883

37 B
353 B

10ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-X9GQ14RE2oQsb2a8RyKopJxJEEF281W3JKzY3opEvg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 20 Oct 2021 05:14:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-X9GQ14RE2oQsb2a8RyKopJxJEEF281W3JKzY3opEvg--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 440C 43 B
220 B 23ms
7ms Image
image/gif 18.185.142.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=12624249444246853543&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.142.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-142-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 440C 42 B
478 B 65ms
29ms Image
image/gif 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=12624249444246853543&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
etag: "af5a8b34ac1d71:0"
last-modified: Thu, 14 Oct 2021 22:27:41 GMT
x-msedge-ref: Ref A: D04754A4FF994D929C2048962919CD0D Ref B: FRA31EDGE0619 Ref C: 2021-10-20T05:14:33Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 440C
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12624249444246853543
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12624249444246853543&dcc=t

0
0

99ms
99ms

Image
text/html

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12624249444246853543&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.54.178.82 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TS7Y7QMXGWBYCNKT272N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12624249444246853543&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 440C
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

16ms
15ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 440C
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=2528222965152317430&dongle=d407

37 B
353 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=2528222965152317430&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=2528222965152317430&dongle=d407
pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E782 31 KB
9 KB 14ms
11ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32583
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9275
Expires: Wed, 20 Oct 2021 14:17:36 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D549
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

7ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cdn.undertone.com/
Accept-Encoding: gzip, deflate, br
Cookie: rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; khaos=KUZ29HFU-27-G7J8; audit=1|naVuGyos1qoCmHU5ufrZaeNF7N8VGS2LOh91/hZsWhzmXZin+bf4KfyXVrVCwtUQJhsHlJbldDcko6/OPg0GXKZr5ZVxLWDe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
ETag: "403b8-119-5cd3a8e7e6a80"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Oct 2021 05:14:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=12776
Date: Wed, 20 Oct 2021 05:14:33 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3A6C
Redirect Chain

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=7731849333306481492

0
154 B

430ms
97ms

Image
text/plain

107.23.118.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=7731849333306481492
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.118.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-118-141.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
X-Proxy-Origin: 216.131.111.39; 216.131.111.39; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bd7965df-3fda-4726-95bb-13aa7466a6e9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=7731849333306481492
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3A6C
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b68c872e-78af-0d85-0081-28382b05cc0c

0
308 B

424ms
96ms

Image
text/plain

107.23.118.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b68c872e-78af-0d85-0081-28382b05cc0c
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.118.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-118-141.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

date: Wed, 20 Oct 2021 05:14:33 GMT
content-encoding: gzip
server: OXGW/16.217.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b68c872e-78af-0d85-0081-28382b05cc0c
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3A6C
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c99fa34-3164-11ec-8b7b-020b1bec13a0
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c99fa34-3164-11ec-8b7b-020b1bec13a0&verify=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-tF2JHXZE2uFPH8N8UsVUd0dSkS4KJvLh~A~UP9c99fa34-3164-11ec-8b7b-020b1bec13a0

0
154 B

370ms
93ms

Image
text/plain

107.23.118.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-tF2JHXZE2uFPH8N8UsVUd0dSkS4KJvLh~A~UP9c99fa34-3164-11ec-8b7b-020b1bec13a0
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.118.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-118-141.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-tF2JHXZE2uFPH8N8UsVUd0dSkS4KJvLh~A~UP9c99fa34-3164-11ec-8b7b-020b1bec13a0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3A6C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9&ttl=1637298873

0
154 B

424ms
99ms

Image
text/plain

107.23.118.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9&ttl=1637298873
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.118.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-118-141.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9&ttl=1637298873
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 247

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 3A6C 0
239 B 40ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3A6C
Redirect Chain

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=dbb1febdc9bec68bc4e83680c0ce3bb234af521f

0
154 B

246ms
94ms

Image
text/plain

107.23.118.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=dbb1febdc9bec68bc4e83680c0ce3bb234af521f
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.118.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-118-141.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Location: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=dbb1febdc9bec68bc4e83680c0ce3bb234af521f
Date: Wed, 20 Oct 2021 05:14:33 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3A6C
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=721080ca-da5d-4fde-ad90-ddb6f445930d&expires=1&user_group=5&ssp=pubmatic&bsw_param=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8&gdpr=&gdpr_consent=&gdpr_pd=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1A7016B9-61FC-41D8-A230-160928EEB3A7
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1A7016B9-61FC-41D8-A230-160928EEB3A7

0
308 B

162ms
98ms

Image
text/plain

107.23.118.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1A7016B9-61FC-41D8-A230-160928EEB3A7
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.118.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-118-141.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
x-envoy-upstream-service-time: 5
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1A7016B9-61FC-41D8-A230-160928EEB3A7
date: Wed, 20 Oct 2021 05:14:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3A6C
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpa...
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553

0
327 B

131ms
97ms

Image
text/plain

107.23.118.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.118.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-118-141.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D549 31 KB
9 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32583
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9275
Expires: Wed, 20 Oct 2021 14:17:36 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame AD6F 35 B
468 B 20ms
19ms Document
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=1A7016B9-61FC-41D8-A230-160928EEB3A7

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=1A7016B9-61FC-41D8-A230-160928EEB3A7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: C=1; uid=8509317639024795850
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 20 Oct 2021 05:14:33 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=8509317639024795850; expires=Sun, 19 Dec 2021 05:14:33 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 56E1
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6633041296076121006
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...

85 B
166 B

17ms
16ms

Document
image/png

151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAKfPionAA6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAKfPionAA6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: everest_g_v2=g_surferid~YW_luQAKfFmonQA6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
age: 2670
x-served-by: cache-hhn4025-HHN
x-cache: HIT
x-cache-hits: 14409
x-timer: S1634706874.918206,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85

Redirect headers

p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YW_luQAKfPionAA6; Path=/; Domain=.everesttech.net; Expires=Thu, 20-Oct-2022 05:14:33 GMT; Max-Age=31536000;SameSite=None;Secure
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAKfPionAA6
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
x-served-by: cache-hhn4025-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1634706874.808068,VS0,VE94
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame F341 43 B
334 B 44ms
13ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Wed, 20 Oct 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 407448

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6146
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnAWuWH8QdiiMBYJKO6zpw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

8ms
8ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=105237
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Thu, 21 Oct 2021 10:28:30 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6146
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bf37616f-a5b8-4700-bd72-1287d96bfc0a

0
260 B

64ms
14ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bf37616f-a5b8-4700-bd72-1287d96bfc0a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bf37616f-a5b8-4700-bd72-1287d96bfc0a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 20 Oct 2021 05:14:32 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 6146
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=1A7016B9-61FC-41D8-A230-160928EEB3A7
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=ddc1bcbd0907e7f2ce8cb506de213328
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=2de420a3-0165-4cb1-adbf-9ebb89bab0f9&icm
https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=2405d6c6533d3d38
https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=2405d6c6533d3d38
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mm4zbjY4ZHlJanNKa1NieWM5WDdlM1FWQU95YWVPUG5rdmJ6TGduWGhfa2s&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEMDNE3NjeJhdESg-Av60QNQ&google_cver=1
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2528222965152317430&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90
https://ps.eyeota.net/match?bid=7vi0rg0&uid=bf37616f-a5b8-4700-bd72-1287d96bfc0a&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%...
https://ps.eyeota.net/match?uid=YW_luQAKfFmonQA6&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
https://ps.eyeota.net/match?uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9&bid=1e2n4ou

70 B
440 B

11ms
11ms

Image
image/gif

3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9&bid=1e2n4ou
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:14:34 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:34 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9&bid=1e2n4ou
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 191

GET
H2

200

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6146
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE3MDE2QjktNjFGQy00MUQ4LUEyMzAtMTYwOTI4RUVCM0E3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...

85 B
149 B

11ms
6ms

Image
image/png

151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAd5m3gAR
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2670
x-served-by: cache-hhn4025-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1634706874.941475,VS0,VE0
content-length: 85
x-cache-hits: 14413

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1634706874.808469,VS0,VE93
x-served-by: cache-hhn4025-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAd5m3gAR
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6146
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDssPve_9345jBzTV4-gG98&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...

85 B
149 B

12ms
7ms

Image
image/png

151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAcR9PwAT
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2670
x-served-by: cache-hhn4025-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1634706874.941315,VS0,VE0
content-length: 85
x-cache-hits: 14410

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1634706874.808333,VS0,VE90
x-served-by: cache-hhn4025-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAcR9PwAT
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 pubmatic
um.simpli.fi/ Frame 6146 43 B
612 B 55ms
13ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 19 Oct 2021 05:14:33 GMT

GET
H2

200

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6146
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2de420a3-0165-4cb1-adbf-9ebb89bab0f9
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...

85 B
149 B

12ms
6ms

Image
image/png

151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAb19SgAT
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2670
x-served-by: cache-hhn4025-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1634706874.941378,VS0,VE0
content-length: 85
x-cache-hits: 14411

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1634706874.808208,VS0,VE92
x-served-by: cache-hhn4025-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAb19SgAT
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6146
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8509317639024795850
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...

85 B
142 B

12ms
6ms

Image
image/png

151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAFtm2gAR
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2670
x-served-by: cache-hhn4025-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1634706874.941440,VS0,VE0
content-length: 85
x-cache-hits: 14413

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1634706874.808509,VS0,VE92
x-served-by: cache-hhn4025-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAFtm2gAR
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6146
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bf37616f-a5b8-4700-bd72-1287d96bfc0a&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YW_luQAKfFmonQA6&gdpr=0&gdpr_consent=&_test=YW_luQAKfFmonQA6

1 B
254 B

12ms
12ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YW_luQAKfFmonQA6&gdpr=0&gdpr_consent=&_test=YW_luQAKfFmonQA6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:32 GMT
cache-control: no-store, no-cache, private
x-lat: amspug016:0:327
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1634706874.941612,VS0,VE0
x-served-by: cache-hhn4025-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YW_luQAKfFmonQA6&gdpr=0&gdpr_consent=&_test=YW_luQAKfFmonQA6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6146
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7731849333306481492&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...

85 B
149 B

13ms
8ms

Image
image/png

151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAcR9TwAT
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2670
x-served-by: cache-hhn4025-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1634706874.941567,VS0,VE0
content-length: 85
x-cache-hits: 14415

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1634706874.808566,VS0,VE93
x-served-by: cache-hhn4025-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAAAcR9TwAT
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6146
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tqxDDOGoF1OtqkAOuK9YC-L8RQ6tpU0L4qv26B0w
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...

85 B
149 B

11ms
6ms

Image
image/png

151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAKfRuomgA6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2670
x-served-by: cache-hhn4025-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1634706874.941527,VS0,VE0
content-length: 85
x-cache-hits: 14414

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1634706874.808259,VS0,VE93
x-served-by: cache-hhn4025-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YW_luQAKfRuomgA6
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6146
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1A7016B9-61FC-41D8-A230-160928EEB3A7&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1A7016B9-61FC-41D8-A230-160928EEB3A7&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Eg10gv9E2uWE0w_knPix8DJXPSgIB.M-~A&gdpr=0&gdpr_consent=

0
48 B

38ms
13ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Eg10gv9E2uWE0w_knPix8DJXPSgIB.M-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Eg10gv9E2uWE0w_knPix8DJXPSgIB.M-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 1A7016B9-61FC-41D8-A230-160928EEB3A7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6146 43 B
874 B 35ms
31ms Image
image/gif 52.30.199.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/1A7016B9-61FC-41D8-A230-160928EEB3A7?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.199.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-199-223.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 204 um
cs.emxdgt.com/ Frame 5BC5 0
0 116ms
8ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type: text/html
date: Wed, 20 Oct 2021 05:14:33 GMT
content-length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 01CA
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

13ms
11ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Cookie: rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; khaos=KUZ29HFU-27-G7J8; audit=1|naVuGyos1qoCmHU5ufrZaeNF7N8VGS2LOh91/hZsWhzmXZin+bf4KfyXVrVCwtUQJhsHlJbldDcko6/OPg0GXKZr5ZVxLWDe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
ETag: "403b8-119-5cd3a8e7e6a80"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Oct 2021 05:14:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Wed, 20 Oct 2021 05:14:33 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK Cookie set uc.html Show response
go.sonobi.com/ Frame 3057 43 B
573 B 121ms
19ms Document
text/html 178.162.133.148
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sonobi.com/uc.html?pubid=e55fb5d7c2

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.148 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Cookie: HAPLB5A=s56128|YW+lu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-8
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5G=s578|YW+lv; path=/; domain=.go.sonobi.com; SameSite=None; secure

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 579F 17 KB
6 KB 99ms
14ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2F8) /
Resource Hash: 62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

:method: GET
:authority: ad-cdn.technoratimedia.com
:scheme: https
:path: /html/usersync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 842
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Wed, 20 Oct 2021 05:14:33 GMT
etag: "450f-5c7a90520f640"
expires: Wed, 20 Oct 2021 05:29:33 GMT
last-modified: Wed, 21 Jul 2021 21:40:33 GMT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server: ECAcc (frd/E2F8)
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-varnish: 530316270
content-length: 5566

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4AF5 14 KB
5 KB 33ms
29ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding: gzip, deflate, br
cookie: KCCH=YES; KADUSERCOOKIE=1A7016B9-61FC-41D8-A230-160928EEB3A7; DPSync3=1635897600%3A201_197_219%7C1634774400%3A174; KTPCACOOKIE=YES; SyncRTB3=1635984000%3A35%7C1635292800%3A223%7C1635897600%3A3_8_54_161_71_220_21_13_56_7%7C1635552000%3A63; ipc=160318^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID^2^0; chkChromeAb67Sec=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=105237
expires: Thu, 21 Oct 2021 10:28:30 GMT
date: Wed, 20 Oct 2021 05:14:33 GMT
vary: Accept-Encoding

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 3D3E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7731849333306481492

43 B
294 B

110ms
108ms

Image
image/gif

167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7731849333306481492
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
X-Proxy-Origin: 216.131.111.39; 216.131.111.39; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0348ba7b-0bcf-4bed-a326-976a61e532af
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7731849333306481492
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 services
sync.technoratimedia.com/ Frame 3D3E 0
315 B 317ms
94ms Image
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D51%26userId%3D%5BUSER_ID%5D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 677305905
access-control-allow-origin: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
access-control-allow-credentials: true

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 3D3E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW.luZ5G1GJA6Oe4vtvPrwAA%261135

43 B
294 B

103ms
103ms

Image
image/gif

167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW.luZ5G1GJA6Oe4vtvPrwAA%261135
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW.luZ5G1GJA6Oe4vtvPrwAA%261135
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Wed, 20 Oct 2021 05:14:33 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 3D3E
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=10a48cab46e5dc3e83464d75

43 B
294 B

110ms
109ms

Image
image/gif

167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=10a48cab46e5dc3e83464d75
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=10a48cab46e5dc3e83464d75
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 3D3E 0
478 B 116ms
19ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 3D3E
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP9c99fa34-3164-11ec-8b7b-020b1bec13a0
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP9c99fa34-3164-11ec-8b7b-020b1bec13a0

43 B
294 B

103ms
103ms

Image
image/gif

167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP9c99fa34-3164-11ec-8b7b-020b1bec13a0
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP9c99fa34-3164-11ec-8b7b-020b1bec13a0
Connection: keep-alive
Content-Length: 0

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 3D3E
Redirect Chain

https://x.bidswitch.net/sync?ssp=consumable
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=c06e85f0-aa6a-5325-b97b-5b95d814fe2c&ssp=consumable&expires=30&user_group=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8

43 B
294 B

103ms
102ms

Image
image/gif

167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

Location: //e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=a763d3a6-fcf2-4e0a-b886-9de8452f8dd8
Date: Wed, 20 Oct 2021 05:14:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 01CA 31 KB
9 KB 10ms
9ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32583
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9275
Expires: Wed, 20 Oct 2021 14:17:36 GMT

GET
H2

204

services Show response
uat-net.technoratimedia.com/ Frame 579F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9

0
301 B

150ms
94ms

Script
text/plain

193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 768610610
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
access-control-allow-credentials: true

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 227

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3C71
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east

281 B
554 B

7ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ad-cdn.technoratimedia.com/
Accept-Encoding: gzip, deflate, br
Cookie: rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; khaos=KUZ29HFU-27-G7J8; audit=1|naVuGyos1qoCmHU5ufrZaeNF7N8VGS2LOh91/hZsWhzmXZin+bf4KfyXVrVCwtUQJhsHlJbldDcko6/OPg0GXKZr5ZVxLWDe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
ETag: "403b8-119-5cd3a8e7e6a80"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Oct 2021 05:14:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Date: Wed, 20 Oct 2021 05:14:33 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4CDC 14 KB
5 KB 8ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad-cdn.technoratimedia.com/
accept-encoding: gzip, deflate, br
cookie: KCCH=YES; KADUSERCOOKIE=1A7016B9-61FC-41D8-A230-160928EEB3A7; DPSync3=1635897600%3A201_197_219%7C1634774400%3A174; KRTBCOOKIE_391=22924-8509317639024795850&KRTB&23263-8509317639024795850; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:bf37616f-a5b8-4700-bd72-1287d96bfc0a&KRTB&16736-uid:bf37616f-a5b8-4700-bd72-1287d96bfc0a&KRTB&23019-uid:bf37616f-a5b8-4700-bd72-1287d96bfc0a&KRTB&23114-uid:bf37616f-a5b8-4700-bd72-1287d96bfc0a; KRTBCOOKIE_377=6810-2de420a3-0165-4cb1-adbf-9ebb89bab0f9&KRTB&22918-2de420a3-0165-4cb1-adbf-9ebb89bab0f9&KRTB&23031-2de420a3-0165-4cb1-adbf-9ebb89bab0f9; SPugT=1634706872; KRTBCOOKIE_153=19420-tqxDDOGoF1OtqkAOuK9YC-L8RQ6tpU0L4qv26B0w&KRTB&22979-tqxDDOGoF1OtqkAOuK9YC-L8RQ6tpU0L4qv26B0w; KRTBCOOKIE_336=5844-6633041296076121006; KRTBCOOKIE_57=22776-7731849333306481492; KRTBCOOKIE_80=22987-CAESEDssPve_9345jBzTV4-gG98&KRTB&16514-CAESEDssPve_9345jBzTV4-gG98&KRTB&23025-CAESEDssPve_9345jBzTV4-gG98; KRTBCOOKIE_699=22727-AAGzDk7C30sAABWwRYAZ4g; ipc=160318^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID^1^0; chkChromeAb67Sec=3; SyncRTB3=1635984000%3A35%7C1635292800%3A223%7C1635897600%3A8_71_13_3_54_220_21_56_161_7_22%7C1635552000%3A63; KRTBCOOKIE_466=16530-a763d3a6-fcf2-4e0a-b886-9de8452f8dd8; PugT=1634706872
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=105237
expires: Thu, 21 Oct 2021 10:28:30 GMT
date: Wed, 20 Oct 2021 05:14:33 GMT
vary: Accept-Encoding

GET
H2 200 cm Show response
us-u.openx.net/w/1.0/ Frame 3E9F 923 B
864 B 27ms
27ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: b7cddfc2dcfd31ca9eecf166e97c14048d77d38840d96c08ec60713b5a62701d

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad-cdn.technoratimedia.com/
accept-encoding: gzip, deflate, br
cookie: i=2e4ddf50-d187-0e11-30d2-ff17b88edfa3|1634706869; pd=v2|1634706873|mOgeginskin0vNomiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=2e4ddf50-d187-0e11-30d2-ff17b88edfa3|1634706869; Version=1; Expires=Thu, 20-Oct-2022 05:14:33 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634706873|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi; Version=1; Expires=Thu, 04-Nov-2021 05:14:33 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.217.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Oct 2021 05:14:33 GMT
content-type: text/html
content-length: 538
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 204 /
cdn.districtm.io/ids/ Frame 03C9 0
0 60ms
20ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/?sellerid=101769
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/?sellerid=101769
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad-cdn.technoratimedia.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a0fc369dfd521b1-DUS

GET
H2 204 ps
pixel.33across.com/ Frame 59BA 0
0 327ms
106ms Document
text/plain 208.100.17.174
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.174 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip174.208-100-17.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: pixel.33across.com
:scheme: https
:path: /ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad-cdn.technoratimedia.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Wed, 20 Oct 2021 05:14:33 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 2F18 2 KB
823 B 32ms
8ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=572a470226457b8

Requested by

Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=572a470226457b8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad-cdn.technoratimedia.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 204 technorati
sync.1rx.io/usersync2/ Frame 579F 0
107 B 62ms
16ms Image
text/plain 213.19.147.44
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync2/technorati
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
expires: 0

GET
H2

204

services
sync.technoratimedia.com/ Frame 579F
Redirect Chain

https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=7731849333306481492

0
302 B

141ms
93ms

Image
text/plain

193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=7731849333306481492
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 766807427
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
access-control-allow-credentials: true

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
X-Proxy-Origin: 216.131.111.39; 216.131.111.39; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ab97b6d8-d963-4b63-a0ed-408fa27486ec
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=7731849333306481492
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

services
sync.technoratimedia.com/ Frame 579F
Redirect Chain

https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=

0
301 B

98ms
93ms

Image
text/plain

193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 677305913
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
access-control-allow-credentials: true

Redirect headers

location: https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1506
date: Wed, 20 Oct 2021 05:14:33 GMT
content-length: 185
content-type: text/html; charset=utf-8

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 579F
Redirect Chain

https://sync.bfmio.com/syncb?pid=164
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9

0
421 B

93ms
93ms

Image
text/plain

54.208.200.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-200-8.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 20 Oct 2021 05:14:34 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:34 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 579F
Redirect Chain

https://sync.bfmio.com/syncb?pid=163
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9

0
421 B

93ms
93ms

Image
text/plain

54.208.200.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-200-8.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 20 Oct 2021 05:14:33 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:34 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=2de420a3-0165-4cb1-adbf-9ebb89bab0f9
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H2

204

services
uat-net.technoratimedia.com/ Frame 579F
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=9cd615ae-3...
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=9cd61574-3164-11ec-b218-141922060206

0
301 B

122ms
122ms

Image
text/plain

193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=9cd61574-3164-11ec-b218-141922060206
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:34 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 665412544
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
access-control-allow-credentials: true

Redirect headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: nginx
Location: https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=9cd61574-3164-11ec-b218-141922060206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 138
Connection: keep-alive
Content-Length: 0

GET
H/1.1 400
Bad Request syn
match.prod.bidr.io/cookie-sync/ Frame 579F 20 B
20 B 35ms
32ms Image
text/plain 52.16.151.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/syn

Requested by

Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.151.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-151-94.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

09a6d59f29991351a3146cbc0dfb7c6104ae603120337b7ec05da94c703493da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 20
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/plain

GET
H2

404

rtb-h
match.taboola.com/sg/synacor-ssp-network/1/ Frame 579F
Redirect Chain

https://trc.taboola.com/sg/synacor-ssp-network/1/rtb-h/?taboola_hm=1
https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=5354f3e2-51ce-48b7-95b2-adbfe366e9d7-tuct8692b39&query=taboola_hm%3D1&isDirect=0

0
0

30ms
14ms

Image
text/html

151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=5354f3e2-51ce-48b7-95b2-adbfe366e9d7-tuct8692b39&query=taboola_hm%3D1&isDirect=0
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

x-vcl-time-ms: 9
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: nginx
x-timer: S1634706874.883130,VS0,VE9
x-cache: MISS
location: https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=5354f3e2-51ce-48b7-95b2-adbfe366e9d7-tuct8692b39&query=taboola_hm%3D1&isDirect=0
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4031-HHN

GET
H2

204

services
sync.technoratimedia.com/ Frame 579F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=synacor
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6524352934
https://sync.1rx.io/usersync/tradedesk/2de420a3-0165-4cb1-adbf-9ebb89bab0f9
https://sync.targeting.unrulymedia.com/csync/RX-ef1c6d43-6474-4f69-9b64-63a034da2b72-003?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-ef1c6d43-6474-4f69-...
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-ef1c6d43-6474-4f69-9b64-63a034da2b72-003

0
301 B

93ms
93ms

Image
text/plain

193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-ef1c6d43-6474-4f69-9b64-63a034da2b72-003
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:34 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 713345431
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
access-control-allow-credentials: true

Redirect headers

location: https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-ef1c6d43-6474-4f69-9b64-63a034da2b72-003
date: Wed, 20 Oct 2021 05:14:34 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXef1c6d4364744f699b6463a034da2b72003
content-type: text/html

GET
H2

204

services
uat-net.technoratimedia.com/ Frame 579F
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=16767551-4aa8-4f41-a43b-0bba3409b797

0
301 B

164ms
93ms

Image
text/plain

193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=16767551-4aa8-4f41-a43b-0bba3409b797
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 637956521
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
access-control-allow-credentials: true

Redirect headers

location: https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=16767551-4aa8-4f41-a43b-0bba3409b797
date: Wed, 20 Oct 2021 05:14:33 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

204

services
uat-net.technoratimedia.com/ Frame 579F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58266/sync?redir=true
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-5b9oPAxE2uHvahK9hzGQekLsLVCLPik1~A

0
301 B

156ms
93ms

Image
text/plain

193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-5b9oPAxE2uHvahK9hzGQekLsLVCLPik1~A
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 719273058
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
access-control-allow-credentials: true

Redirect headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-5b9oPAxE2uHvahK9hzGQekLsLVCLPik1~A
Connection: keep-alive
Content-Length: 0

GET
H2

204

services
uat-net.technoratimedia.com/ Frame 579F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YW.luZ5G1GJA6Oe4vtvPrwAA%261135

0
301 B

166ms
160ms

Image
text/plain

193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YW.luZ5G1GJA6Oe4vtvPrwAA%261135
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 752106267
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
access-control-allow-credentials: true

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 05:14:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YW.luZ5G1GJA6Oe4vtvPrwAA%261135
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 286
Expires: Wed, 20 Oct 2021 05:14:33 GMT

GET
H2

204

services
uat-net.technoratimedia.com/ Frame 579F
Redirect Chain

https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%%
https://uat-net.technoratimedia.com/services?srv=cs&uid=yJo7UyB7oTyJ&pid=83

0
301 B

94ms
94ms

Image
text/plain

193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat-net.technoratimedia.com/services?srv=cs&uid=yJo7UyB7oTyJ&pid=83
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:34 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 768579034
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
access-control-allow-credentials: true

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://uat-net.technoratimedia.com/services?srv=cs&uid=yJo7UyB7oTyJ&pid=83
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75df76888-bkx8q
expires: -1

GET
H2

200

match_redirect
um.simpli.fi/ Frame 579F
Redirect Chain

https://match.bnmla.com/usersync?sspid=1000237&redir=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs%26pid=84%26uid=%5BUUID%5D
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID

43 B
361 B

13ms
13ms

Image
image/gif

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID

Requested by

Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

Location: https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Date: Wed, 20 Oct 2021 05:14:34 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3C71 31 KB
9 KB 16ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:14:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32583
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9275
Expires: Wed, 20 Oct 2021 14:17:36 GMT

GET
H2 204 services
sync.technoratimedia.com/ Frame 3E9F 0
293 B 98ms
92ms Image
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=c08dafb7-1f57-09d5-00c4-299fe849d2b8
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 739452396
access-control-allow-origin: https://us-u.openx.net/
access-control-allow-credentials: true

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3E9F
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D7ED9EE854654FBEB9AFB6DA19F564E4

43 B
106 B

31ms
31ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=D7ED9EE854654FBEB9AFB6DA19F564E4
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 20 Oct 2021 05:14:33 GMT
x-content-type-options: nosniff
server: openresty
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=D7ED9EE854654FBEB9AFB6DA19F564E4
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 19 Oct 2021 05:14:33 GMT

GET
H/1.1

200
g

c.html
j.mrpdata.net/ Frame 3E9F
Redirect Chain

https://j.mrpdata.net/c.html?ex=OpenX
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX

0
0

9ms
9ms

Image
text/html

3.121.240.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.240.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-240-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

location: https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
pragma: no-cache
cache-control: no-cache
x-backend: dmc_hitServer_4_e@j4mrpdatanet
Connection: keep-alive
x-deviceid: 18747a04-2a23-d704-8cea-714b06af0f14
transfer-encoding: chunked

GET
H2 204 current
openx2-match.dotomi.com/match/bounce/ Frame 3E9F 0
104 B 109ms
65ms Image
text/plain 64.158.223.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-usadmm.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3E9F
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072977&val=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&gdpr=0&gdpr_consent=

43 B
106 B

24ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072977&val=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&gdpr=0&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://us-u.openx.net/w/1.0/sd?id=537072977&val=2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 ox
match.justpremium.com/match/ Frame 3E9F 43 B
323 B 41ms
8ms Image
image/gif 35.157.241.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/ox?ex_uid=b7602ef9-2fb1-0b8c-381a-b1c9dddcaf64
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.241.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-241-112.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
content-length: 43
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3E9F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW_luQAKfFmonQA6

43 B
106 B

28ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW_luQAKfFmonQA6
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1634706874.941665,VS0,VE0
x-served-by: cache-hhn4025-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW_luQAKfFmonQA6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3E9F
Redirect Chain

https://green.erne.co/openx/cm
https://pixel.onaudience.com/?mapped=9VAxJ28BQ58GfLv5pQUQXrT6&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fc...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=ddc1bcbd0907e7f2ce8cb506de213328&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D9VAxJ28BQ58GfLv5pQUQXrT6
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=9VAxJ28BQ58GfLv5pQUQXrT6

43 B
106 B

24ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=9VAxJ28BQ58GfLv5pQUQXrT6
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:34 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=9VAxJ28BQ58GfLv5pQUQXrT6
date: Wed, 20 Oct 2021 05:14:34 GMT
server: openresty
strict-transport-security: max-age=0; includeSubDomains;
content-type: text/html; charset=UTF-8

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3E9F
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2528222965152317430&gdpr=0&gdpr_consent=&us_privacy=

43 B
106 B

26ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2528222965152317430&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2528222965152317430&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

dds
rtb.openx.net/sync/ Frame 3E9F
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=IrdqNdGGiMiMcHtID7DW5A==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
145 B

29ms
29ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:33 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: f9fgsnd0ibcii6upfgl2cajquu13sdvs

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6926864d-e8ac-a3af-5bd3-210a23fe2117
pr-bh.ybp.yahoo.com/sync/openx/ Frame 3E9F 43 B
871 B 38ms
34ms Image
image/gif 52.30.199.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/6926864d-e8ac-a3af-5bd3-210a23fe2117?gdpr=0

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.199.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-199-223.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame D549 0
239 B 7ms
7ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E782
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNmYjUzOWM2NmJlYTE0MGU4Mjg2MTMzN2FmNTVjYWRmM2ZlMTliZA

170 B
188 B

25ms
24ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNmYjUzOWM2NmJlYTE0MGU4Mjg2MTMzN2FmNTVjYWRmM2ZlMTliZA

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNmYjUzOWM2NmJlYTE0MGU4Mjg2MTMzN2FmNTVjYWRmM2ZlMTliZA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame E782
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUZ29HFU-27-G7J8&sigv=1&esig=2~ee3671fee82de0c3f6bd57e6f0754cb42098459d

0
614 B

68ms
18ms

Image
text/plain

87.248.118.23
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUZ29HFU-27-G7J8&sigv=1&esig=2~ee3671fee82de0c3f6bd57e6f0754cb42098459d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.23 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:34 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUZ29HFU-27-G7J8&sigv=1&esig=2~ee3671fee82de0c3f6bd57e6f0754cb42098459d
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E782 70 B
264 B 34ms
32ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E782
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/g3aeR82So56Tc13v-bPbPcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4886388357313020704

0
239 B

8ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4886388357313020704
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Wed, 20 Oct 2021 05:14:34 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4886388357313020704
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 451 709414.gif
id.rlcdn.com/ Frame E782 0
0 81ms
31ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E782
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VaMjlIRlUtMjctRzdKOA==

170 B
188 B

24ms
24ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VaMjlIRlUtMjctRzdKOA==

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VaMjlIRlUtMjctRzdKOA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E782
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=bf37616f-a5b8-4700-bd72-1287d96bfc0a&expires=28

0
239 B

9ms
7ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=bf37616f-a5b8-4700-bd72-1287d96bfc0a&expires=28
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

Date: Wed, 20 Oct 2021 05:14:34 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x8 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=bf37616f-a5b8-4700-bd72-1287d96bfc0a&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 20 Oct 2021 05:14:33 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E782
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW_luQAKfFmonQA6

0
239 B

8ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW_luQAKfFmonQA6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:14:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1634706874.134255,VS0,VE0
x-served-by: cache-hhn4025-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW_luQAKfFmonQA6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 01CA 0
239 B 403ms
93ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 87d839cc3e00ba41df3f5dd9eab06282
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 3C71 0
239 B 359ms
99ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 87d839cc3e00ba41df3f5dd9eab06282
Content-Type: image/gif

GET
H2 200 chunk-3.2f80e5019867c829e9f5.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 29 KB
7 KB 8ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-3.2f80e5019867c829e9f5.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) / Express

Resource Hash

f98bf1bc6ba8cea6bd3edfe9340aa9d469ebad166f24fcf0a1b212c941157c07

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-3.2f80e5019867c829e9f5.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9; _fbp=fb.1.1634706869824.13511798; blingblocksession=1; _gat_UA1150030077=1; cmp-data=. . 0b3e59e9-e31c-4926-854b-894ca19a44b8; _hjid=cbb97ce0-437a-4867-a32f-988e17912372; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:34 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 36057
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 7500
last-modified: Thu, 07 Oct 2021 19:11:36 GMT
server: ECS (frb/668C)
etag: W/"7323-17c5c2b0869"
x-frame-options: SAMEORIGIN
x-varnish: 1570056456
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:33 GMT

GET
H2 200 chunk-7.8925416d4486cca47151.1633557839703.js Show response
nj1015.com/public/dist/desktop/ 4 KB
2 KB 8ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/public/dist/desktop/chunk-7.8925416d4486cca47151.1633557839703.js

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) / Express

Resource Hash

8ad647fcd6695c5b4b33a52aef6af2d90e6e5a7b13bf39016f1fb23782814c5a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-7.8925416d4486cca47151.1633557839703.js
pragma: no-cache
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9; _fbp=fb.1.1634706869824.13511798; blingblocksession=1; _gat_UA1150030077=1; cmp-data=. . 0b3e59e9-e31c-4926-854b-894ca19a44b8; _hjid=cbb97ce0-437a-4867-a32f-988e17912372; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; usprivacy=1---
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:34 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 35608
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1834
last-modified: Thu, 07 Oct 2021 19:11:33 GMT
server: ECS (frb/668C)
etag: W/"118b-17c5c2afc85"
x-frame-options: SAMEORIGIN
x-varnish: 1570153269
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 05:14:33 GMT

POST
H2 200 cogitoergosum Show response
nj1015.com/rest/high/api/ 22 B
85 B 104ms
103ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://nj1015.com/rest/high/api/cogitoergosum

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://nj1015.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: gdpr-source=DE; abgroup=A; connect.sid=s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI; _ga=GA1.2.476914858.1634706869; _gid=GA1.2.906317624.1634706869; _gat_primary=1; _gat_UA191097531=1; _gat_UA971877725=1; _gat_UA288258041=1; _gat_UA452600604=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9; _fbp=fb.1.1634706869824.13511798; blingblocksession=1; _gat_UA1150030077=1; cmp-data=. . 0b3e59e9-e31c-4926-854b-894ca19a44b8; _hjid=cbb97ce0-437a-4867-a32f-988e17912372; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; usprivacy=1---; newsletter-overlay-notspam=completed-newsletter
content-length: 120
:path: /rest/high/api/cogitoergosum
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: nj1015.com
referer: https://nj1015.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://nj1015.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Oct 2021 05:14:34 GMT
etag: W/"16-9TAjjH5B1CRTDKLX0cVR1g"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
vary: Accept-Encoding
content-length: 22
expires: Wed, 20 Oct 2021 05:14:33 GMT

GET
H3 200 like.php Show response
www.facebook.com/v2.8/plugins/ Frame 838B 0
21 B 28ms
27ms Document
text/html 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1096102534197907&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df394ed8c7439efc%26domain%3Dnj1015.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnj1015.com%252Ff23c71d7b40ac18%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fnj1015.com%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large

Requested by

Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.8/plugins/like.php?action=like&app_id=1096102534197907&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df394ed8c7439efc%26domain%3Dnj1015.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnj1015.com%252Ff23c71d7b40ac18%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fnj1015.com%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nj1015.com/
accept-encoding: gzip, deflate, br
cookie: fr=0e7pbhAl2NILdDuYL..Bhb6W1...1.0.Bhb6W1.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: mUZlKr3kyldXWSb+jMsHfkIv7geT8nSRF9Y5/UcNZF9bsi/U6t3J42nuq3EU1zZfnBUOmVec7p19sacjpoFJmQ==
content-length: 0
date: Wed, 20 Oct 2021 05:14:34 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=990329378&t=event&_s=2&dl=https%3A%2F%2Fnj1015.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=476914858.1634706869&tid=UA-9718777-7&_gid=906317624.1634706869&_av=2.4.1&_au=20&did=i5iSjo&z=462937253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 04:37:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2241
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=990329378&t=event&_s=2&dl=https%3A%2F%2Fnj1015.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=476914858.1634706869&tid=UA-19109753-1&_gid=906317624.1634706869&_av=2.4.1&_au=20&did=i5iSjo&z=1534774586

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 04:37:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2241
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=990329378&t=event&_s=2&dl=https%3A%2F%2Fnj1015.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=476914858.1634706869&tid=UA-9718777-25&_gid=906317624.1634706869&_av=2.4.1&_au=20&did=i5iSjo&z=2001490466

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 04:37:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2241
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
26ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=990329378&t=event&_s=2&dl=https%3A%2F%2Fnj1015.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=476914858.1634706869&tid=UA-28825804-1&_gid=906317624.1634706869&_av=2.4.1&_au=20&did=i5iSjo&z=314621695

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 04:37:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2241
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
26ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=990329378&t=event&_s=2&dl=https%3A%2F%2Fnj1015.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=New%20Jersey%20101.5%20%E2%80%93%20Proud%20to%20be%20New%20Jersey%20%E2%80%93%20New%20Jersey%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=476914858.1634706869&tid=UA-45260060-4&_gid=906317624.1634706869&_av=2.4.1&_au=20&did=i5iSjo&z=673764122

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 04:37:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2241
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo1-4.png
townsquare.media/site/385/files/2014/07/ 6 KB
6 KB 8ms
7ms Image
image/png 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2014/07/logo1-4.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674B) / Express

Resource Hash

fa32ea193e8d3fb78003640ea74e56ba19b4060ed9b136d175a1057594d082e9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 20 Oct 2021 05:14:34 GMT
via: 1.1 varnish
age: 2603377
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 6353
last-modified: Thu, 12 Sep 2019 11:54:20 GMT
server: ECS (frb/674B)
x-frame-options: SAMEORIGIN
x-varnish: 1146852195
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/png
expires: Wed, 20 Oct 2021 05:14:33 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 53ms
21ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nj1015.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:37:36 GMT
x-content-type-options: nosniff
age: 563818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:37:36 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 6146 0
260 B 57ms
13ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156725&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:14:34 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 RWJUH-New-Brunswick-exterior-1.jpg
townsquare.media/site/385/files/2017/05/ 189 KB
190 KB 13ms
12ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2017/05/RWJUH-New-Brunswick-exterior-1.jpg?w=980&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) / Express

Resource Hash

605c4574e3f074bc11d27b96927d92a5f172297d1a9d13b385d28008a9270c9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:39 GMT
via: 1.1 varnish
age: 71563
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 193814
last-modified: Thu, 24 Oct 2019 22:19:14 GMT
server: ECS (frb/6738)
x-frame-options: SAMEORIGIN
x-varnish: 1564024815
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:38 GMT

GET
H2 200 RWJUH-New-Brunswick-exterior-1.jpg
townsquare.media/site/385/files/2017/05/ 189 KB
189 KB 7ms
7ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/385/files/2017/05/RWJUH-New-Brunswick-exterior-1.jpg?w=980&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) / Express

Resource Hash

605c4574e3f074bc11d27b96927d92a5f172297d1a9d13b385d28008a9270c9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:39 GMT
via: 1.1 varnish
age: 71563
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 193814
last-modified: Thu, 24 Oct 2019 22:19:14 GMT
server: ECS (frb/6738)
x-frame-options: SAMEORIGIN
x-varnish: 1564024815
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:38 GMT

GET
H2 200 ES-Headshot.jpg
townsquare.media/site/385/files/2017/09/ 12 KB
12 KB 8ms
8ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2017/09/ES-Headshot.jpg?w=300&q=75
Requested by: Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.82576c9117170fd9d7254bf8574d5670e518945b.js?mver=120&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) / Express
Resource Hash: b417a99bba6265ca4e3aeb48bdba0e47c63a3db47f11cce31a6d2091a1fd1307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:39 GMT
via: 1.1 varnish
age: 9769333
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11829
last-modified: Tue, 10 Sep 2019 12:27:45 GMT
server: ECS (frb/6738)
x-varnish: 1446090784 1444780552
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:38 GMT

GET
H2 200 ES-Headshot.jpg
townsquare.media/site/385/files/2017/09/ 12 KB
12 KB 7ms
7ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/385/files/2017/09/ES-Headshot.jpg?w=300&q=75
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) / Express
Resource Hash: b417a99bba6265ca4e3aeb48bdba0e47c63a3db47f11cce31a6d2091a1fd1307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nj1015.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 20 Oct 2021 05:14:39 GMT
via: 1.1 varnish
age: 9769333
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11829
last-modified: Tue, 10 Sep 2019 12:27:45 GMT
server: ECS (frb/6738)
x-varnish: 1446090784 1444780552
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Oct 2021 05:14:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/c/441/160/3/7.gif?puid=41301030295077625958554878856946451938&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

163 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cdn.mmctsvc.com/commercial-api	1970-01-19 22:15:11	Name: stateCode Value: HE
cdn.mmctsvc.com/commercial-api	1970-01-19 22:15:11	Name: countryCode Value: DE
cdn.mmctsvc.com/commercial-api	1970-01-19 22:15:11	Name: userPlatform Value: desktop
.3lift.com/sync	1970-01-20 00:14:42	Name: sync Value: CgoIgQIQn7f94MkvCgoI4gEQn7f94MkvCgoI5gEQn7f94MkvCgoIhwIQn7f94MkvCgkICRCft_3gyS8KCQg6EJ-3_eDJLwoJCAsQn7f94MkvCgoIjAIQn7f94MkvCgoIzgEQn7f94MkvCgkIXxCft_3gyS8=
nj1015.com/	1969-12-31 23:59:59	Name: gdpr-source Value: DE
nj1015.com/	1970-01-20 00:14:42	Name: abgroup Value: A
nj1015.com/	1970-01-19 22:48:18	Name: connect.sid Value: s%3A8Kf86f6wrT_xAm4qRh_JXjE4pkpPzl0W.nK%2BF%2FzzYsNBEXAO7QEDUqAqZMten3AmIQcVjOgvCEfI
.google.com/	1970-01-20 02:28:38	Name: NID Value: 511=jzINWiXIxEfDfoMBKqV4c5p57qGdatL_q0VNZ1lq8aNQObmTVm4G9L1o8INshHSQ4TQOlPRXbon9eHad3B50F5O_qmhsio_v_MdcHAPu_JBtg9EJ8CrX4A8h_YvL9ePWB_e3IyL-QzfY5qGwplW98Xr8k6t3Pve_crXmaAp4S8g
.nj1015.com/	1970-01-20 15:36:18	Name: _ga Value: GA1.2.476914858.1634706869
.nj1015.com/	1970-01-19 22:06:33	Name: _gid Value: GA1.2.906317624.1634706869
.nj1015.com/	1970-01-19 22:05:06	Name: _gat_primary Value: 1
.nj1015.com/	1970-01-19 22:05:06	Name: _gat_UA191097531 Value: 1
.nj1015.com/	1970-01-19 22:05:06	Name: _gat_UA971877725 Value: 1
.nj1015.com/	1970-01-19 22:05:06	Name: _gat_UA288258041 Value: 1
.nj1015.com/	1970-01-19 22:05:06	Name: _gat_UA452600604 Value: 1
.adsrvr.org/	1970-01-20 06:50:42	Name: TDID Value: 2de420a3-0165-4cb1-adbf-9ebb89bab0f9
nj1015.com/	1970-01-19 22:05:08	Name: cogitoergosum Value: eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDIwIE9jdCAyMDIxIDA1OjE0OjI5IEdNVCJ9
.kargo.com/	1970-01-20 06:50:42	Name: ktcid Value: 93c6b83b-fbe0-0fb8-13b1-ecaddb889e0b
.openx.net/	1970-01-20 06:50:42	Name: i Value: 2e4ddf50-d187-0e11-30d2-ff17b88edfa3\|1634706869
.gumgum.com/	1970-01-20 06:50:42	Name: cs Value: true
.gumgum.com/	1970-01-19 22:48:18	Name: loc Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggGFXoqrKYmvNRYbDiv5cjMZA
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s56128\|YW+lu
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: sYhL4A8YJbo
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=
.nj1015.com/	1970-01-20 00:14:42	Name: _fbp Value: fb.1.1634706869824.13511798
.rubiconproject.com/	1970-01-20 06:50:42	Name: khaos Value: KUZ29HFU-27-G7J8
.rubiconproject.com/	1970-01-20 06:50:42	Name: audit Value: 1\|naVuGyos1qoCmHU5ufrZaeNF7N8VGS2LOh91/hZsWhzmXZin+bf4KfyXVrVCwtUQJhsHlJbldDcko6/OPg0GXKZr5ZVxLWDe
.facebook.com/	1970-01-20 00:14:42	Name: fr Value: 0e7pbhAl2NILdDuYL..Bhb6W1...1.0.Bhb6W1.
nj1015.com/	1969-12-31 23:59:59	Name: blingblocksession Value: 1
.nj1015.com/	1970-01-19 22:05:06	Name: _gat_UA1150030077 Value: 1
.gumgum.com/	1970-01-20 06:50:42	Name: vst Value: e_fd31f898-b662-438a-a225-ae08c725c62d
.adnxs.com/	1970-01-20 00:14:42	Name: icu Value: ChgIoN5sEAoYASABKAEwtcu-iwY4AUABSAEQtcu-iwYYAA..
.adnxs.com/	1970-01-20 00:14:42	Name: uuid2 Value: 7731849333306481492
e.serverbid.com/	1970-01-20 06:50:42	Name: azk Value: ue1-sb1-b487ef95-bb86-40b4-93b9-425949d6c100
.nj1015.com/	1970-01-20 07:26:42	Name: cmp-data Value: . . 0b3e59e9-e31c-4926-854b-894ca19a44b8
.nj1015.com/	1970-01-20 06:50:42	Name: _hjid Value: cbb97ce0-437a-4867-a32f-988e17912372
.nj1015.com/	1970-01-19 22:05:08	Name: _hjFirstSeen Value: 1
nj1015.com/	1970-01-19 22:05:06	Name: _hjIncludedInPageviewSample Value: 1
.nj1015.com/	1970-01-19 22:05:08	Name: _hjAbsoluteSessionInProgress Value: 0
nj1015.com/	1970-01-19 22:05:06	Name: _hjIncludedInSessionSample Value: 1
.media6degrees.com/	1970-01-20 02:24:18	Name: acs Value: 012020k1r19fw7xzt10
.media6degrees.com/	1970-01-20 02:24:18	Name: clid Value: 2r19fw701171vfxzvvsgivai0000000185011701a01
.3lift.com/	1970-01-20 00:14:42	Name: tluid Value: 12624249444246853543
.id5-sync.com/	1970-01-19 22:05:07	Name: cf Value:
.id5-sync.com/	1970-01-19 22:05:07	Name: cip Value:
.id5-sync.com/	1970-01-19 22:05:07	Name: cnac Value:
.id5-sync.com/	1970-01-19 22:05:07	Name: car Value:
.id5-sync.com/	1970-01-19 22:05:07	Name: gdpr Value:
.id5-sync.com/	1970-01-19 22:05:07	Name: id5 Value: 6517bd1d-0e1d-4132-9f5d-b93679bf3be6#1634706868452#1
.id5-sync.com/	1970-01-19 22:05:07	Name: callback Value:
.media.net/	1970-01-20 02:31:30	Name: gdpr_status Value: 1
.mathtag.com/	1970-01-20 07:31:02	Name: uuid Value: bf37616f-a5b8-4700-bd72-1287d96bfc0a
.360yield.com/	1970-01-20 00:14:42	Name: tuuid Value: 16767551-4aa8-4f41-a43b-0bba3409b797
.360yield.com/	1970-01-20 00:14:42	Name: tuuid_lu Value: 1634706873
.ads.pubmatic.com/	1970-01-19 22:06:33	Name: KCCH Value: YES
.quantserve.com/	1970-01-20 07:35:21	Name: mc Value: 616fa5b9-75d82-aba0d-88ab6
.w55c.net/	1970-01-20 07:35:21	Name: wfivefivec Value: kMDB6LQ41MD3VT5
.bidswitch.net/	1970-01-20 06:50:42	Name: tuuid Value: a763d3a6-fcf2-4e0a-b886-9de8452f8dd8
.bidswitch.net/	1970-01-20 06:50:42	Name: c Value: 1634706873
.bidswitch.net/	1970-01-20 06:50:42	Name: tuuid_lu Value: 1634706873
.adform.net/	1970-01-19 22:49:45	Name: C Value: 1
.w55c.net/	1970-01-19 22:48:18	Name: matchopenx Value: 5
.360yield.com/	1970-01-20 00:14:42	Name: um Value: !79,5Y67CGOA17RNdj8kWvEEggVzzV--UnfQZ0kLkpuN5aoTzQmaY7U1Ok6yDriLqchVLu6Dz.CewtdHMRka,1642482873!313,5Y67CA7Rh82Esbww9C1JGENUp938U3Wnk0SVA.-wLvypO7zxbnrAaZc93HvWPo1JA-hUdwseHULLaf17,1642482873
.360yield.com/	1970-01-20 00:14:42	Name: umeh Value: !79,0,1696914873,-1!313,0,1696914873,-1
.adform.net/	1970-01-19 23:31:30	Name: uid Value: 8509317639024795850
.advertising.com/	1970-01-20 06:52:09	Name: APID Value: UP9c99fa34-3164-11ec-8b7b-020b1bec13a0
.turn.com/	1970-01-20 02:24:18	Name: uid Value: 2528222965152317430
.bing.com/	1970-01-20 07:26:42	Name: MUID Value: 1FFBB141DDA965E52BC9A197DC226450
.doubleclick.net/	1970-01-20 07:26:42	Name: IDE Value: AHWqTUmiLJLHEfPEjpWWjSug0KtcN0LDeLNF4xSFISpR43ofRb1-rWVOPlxXJ4WSlDo
.sitescout.com/	1970-01-20 06:50:42	Name: ssi Value: 2dbb4b2f-128c-403c-b142-8f1c873c1774#1634706873558
.pubmatic.com/	1970-01-20 00:14:42	Name: KADUSERCOOKIE Value: 1A7016B9-61FC-41D8-A230-160928EEB3A7
.pubmatic.com/	1970-01-20 00:14:42	Name: DPSync3 Value: 1635897600%3A201_197_219%7C1634774400%3A174
.bidr.io/	1970-01-20 07:33:40	Name: bito Value: AAGzDk7C30sAABWwRYAZ4g
.bidr.io/	1970-01-20 07:33:40	Name: bitoIsSecure Value: ok
.quantserve.com/	1970-01-20 00:14:42	Name: d Value: EL4BEQHDJPijCJiTAA
.onaudience.com/	1970-01-20 06:50:42	Name: cookie Value: 1f1cd25622ca2041
.onaudience.com/	1970-01-19 22:06:33	Name: done_redirects104 Value: 1
.simpli.fi/	1970-01-20 06:52:09	Name: suid Value: D7ED9EE854654FBEB9AFB6DA19F564E4
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP9c99fa34-3164-11ec-8b7b-020b1bec13a0
.yahoo.com/	1970-01-19 22:06:33	Name: APIDTS Value: 1634706873
.yahoo.com/	1970-01-20 06:51:04	Name: A3 Value: d=AQABBLmlb2ECEH0EhojAkOtSIMtqqHRCeNQFEgEBAQH3cGF5YQAAAAAA_eMAAA&S=AQAAAi1fJCy8JqMJaoUHvEo3mqs
.de17a.com/	1970-01-20 06:43:30	Name: guid2 Value: 1.6633041296076121006
.exelator.com/	1970-01-20 00:57:54	Name: EE Value: "1de86b767e2f363296013e4a387ef07a"
.exelator.com/	1970-01-20 00:57:54	Name: ud Value: "eJxrXxzq6XKLQcEwJdXCLMnczDzVKM3YzNjI0szA0DjVJNHYwjw1zcA8cXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9UWjw4qKUNMZFJcWngvf5CQAALwImfQ%253D%253D"
ads.avct.cloud/	1970-01-20 06:50:42	Name: uuid Value: e9ca7de2-7264-4175-81aa-404572b260bd
.casalemedia.com/	1970-01-20 06:50:42	Name: CMID Value: YW.luZ5G1GJA6Oe4vtvPrwAA
.casalemedia.com/	1970-01-20 00:14:42	Name: CMPS Value: 3236
.pubmatic.com/	1970-01-19 22:48:18	Name: KRTBCOOKIE_391 Value: 22924-8509317639024795850&KRTB&23263-8509317639024795850
.pubmatic.com/	1970-01-20 00:14:42	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 06:50:42	Name: KRTBCOOKIE_27 Value: 16735-uid:bf37616f-a5b8-4700-bd72-1287d96bfc0a&KRTB&16736-uid:bf37616f-a5b8-4700-bd72-1287d96bfc0a&KRTB&23019-uid:bf37616f-a5b8-4700-bd72-1287d96bfc0a&KRTB&23114-uid:bf37616f-a5b8-4700-bd72-1287d96bfc0a
.pubmatic.com/	1970-01-20 00:14:42	Name: KRTBCOOKIE_377 Value: 6810-2de420a3-0165-4cb1-adbf-9ebb89bab0f9&KRTB&22918-2de420a3-0165-4cb1-adbf-9ebb89bab0f9&KRTB&23031-2de420a3-0165-4cb1-adbf-9ebb89bab0f9
.pubmatic.com/	1970-01-19 22:48:18	Name: SPugT Value: 1634706872
.pubmatic.com/	1970-01-20 00:14:42	Name: KRTBCOOKIE_153 Value: 19420-tqxDDOGoF1OtqkAOuK9YC-L8RQ6tpU0L4qv26B0w&KRTB&22979-tqxDDOGoF1OtqkAOuK9YC-L8RQ6tpU0L4qv26B0w
.pubmatic.com/	1970-01-19 22:48:18	Name: KRTBCOOKIE_336 Value: 5844-6633041296076121006
.pubmatic.com/	1970-01-20 00:14:42	Name: KRTBCOOKIE_57 Value: 22776-7731849333306481492
.pubmatic.com/	1970-01-20 00:14:42	Name: KRTBCOOKIE_80 Value: 22987-CAESEDssPve_9345jBzTV4-gG98&KRTB&16514-CAESEDssPve_9345jBzTV4-gG98&KRTB&23025-CAESEDssPve_9345jBzTV4-gG98
.pubmatic.com/	1970-01-19 22:48:18	Name: KRTBCOOKIE_699 Value: 22727-AAGzDk7C30sAABWwRYAZ4g
.casalemedia.com/	1970-01-20 00:14:42	Name: CMPRO Value: 1135
.casalemedia.com/	1970-01-19 22:06:33	Name: CMST Value: YW+luWFvpbkA
.nrich.ai/	1970-01-20 11:02:42	Name: _nauid Value: 721080ca-da5d-4fde-ad90-ddb6f445930d
.pubmatic.com/	1970-01-20 00:14:42	Name: SyncRTB3 Value: 1635984000%3A35%7C1635292800%3A223%7C1635897600%3A8_71_13_3_54_220_21_56_161_7_22%7C1635552000%3A63
.lijit.com/	1970-01-20 06:50:42	Name: ljt_reader Value: 10a48cab46e5dc3e83464d75
.admanmedia.com/	1970-01-20 06:50:42	Name: admtr Value: dbb1febdc9bec68bc4e83680c0ce3bb234af521f
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5G Value: s578\|YW+lv
.pubmatic.com/	1970-01-20 00:14:42	Name: KRTBCOOKIE_466 Value: 16530-a763d3a6-fcf2-4e0a-b886-9de8452f8dd8
.pubmatic.com/	1970-01-19 22:48:18	Name: PugT Value: 1634706872
.crwdcntrl.net/	1970-01-20 04:33:54	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:33:54	Name: _cc_id Value: ddc1bcbd0907e7f2ce8cb506de213328
.crwdcntrl.net/	1970-01-20 04:33:54	Name: _cc_cc Value: "ACZ4XmNQSElJNkxKTkoxsDQwTzVPM0pOtUhOMjUwS0k1MjQ2NrJgAILE%2FKU7QTQUAAB4EAuW"
.crwdcntrl.net/	1970-01-20 04:33:54	Name: _cc_aud Value: "ABR4XmNgYGBIzF%2B6E0hBAQAasgIv"
.pubmatic.com/	1970-01-20 00:14:42	Name: chkChromeAb67Sec Value: 4
.analytics.yahoo.com/	1970-01-20 06:52:09	Name: IDSYNC Value: "18z8~2125:17ot~2125:18yi~2125"
.onaudience.com/	1970-01-19 22:06:33	Name: done_redirects147 Value: 1
.openx.net/	1970-01-19 22:26:42	Name: pd Value: v2\|1634706873\|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi
.tapad.com/	1970-01-19 23:31:30	Name: TapAd_TS Value: 1634706873858
.tapad.com/	1970-01-19 23:31:30	Name: TapAd_DID Value: b507fadf-5b1e-49b3-a586-c1ca5a459714
.everesttech.net/	1970-01-20 06:50:42	Name: everest_g_v2 Value: g_surferid~YW_luQAKfFmonQA6
.taboola.com/	1970-01-20 06:50:42	Name: t_gid Value: 5354f3e2-51ce-48b7-95b2-adbfe366e9d7-tuct8692b39
.tapad.com/	1970-01-19 23:31:30	Name: TapAd_3WAY_SYNCS Value:
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:37:00	Name: bcookie Value: "v=2&8c606296-f4ff-4c94-8d58-0eab623999b1"
.linkedin.com/	1970-01-19 22:06:33	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2661:u=1:x=1:i=1634706873:t=1634793273:v=2:sig=AQFJ61QIwAKh7RoU9u6lQQqDdore3XgF"
.spotxchange.com/	1970-01-20 06:50:46	Name: audience Value: 9cd61574-3164-11ec-b218-141922060206
.onaudience.com/	1970-01-19 22:06:33	Name: done_redirects236 Value: 1
.undertone.com/	1970-01-20 06:51:03	Name: UID_EXT_39 Value: b68c872e-78af-0d85-0081-28382b05cc0c
.sitescout.com/	1970-01-19 22:48:18	Name: _ssuma Value: eyI0IjoxNjM0NzA2ODczNTgzLCIzOSI6MTYzNDcwNjg3MzU4MywiMTciOjE2MzQ3MDY4NzM5NDh9
.pubmatic.com/	1970-01-20 00:14:42	Name: KRTBCOOKIE_218 Value: 22978-YW_luQAKfFmonQA6&KRTB&23194-YW_luQAKfFmonQA6&KRTB&23209-YW_luQAKfFmonQA6&KRTB&23244-YW_luQAKfFmonQA6
.justpremium.com/	1970-01-19 22:49:45	Name: jpxumaster Value: um-587e91af-d258-4aa2-a076-8a0db41bc1b6-1634706873
.justpremium.com/	1970-01-19 22:05:17	Name: jpxumatched Value: ox
.mrpdata.net/	1970-01-19 22:48:18	Name: U Value: 1f44a031-c668-e93d-84b3-06f932e51e8b
.1rx.io/	1970-01-20 06:50:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ef1c6d43-6474-4f69-9b64-63a034da2b72-003%22%7D
.mrpdata.net/	1970-01-23 13:41:06	Name: DNT Value: 00000000-0000-0000-0000-000000000000
.erne.co/	1970-01-20 06:50:42	Name: u Value: 9VAxJ28BQ58GfLv5pQUQXrT6
.technoratimedia.com/	1970-01-21 17:53:06	Name: tads_uid Value: GDPR
.onaudience.com/	1970-01-19 22:06:33	Name: done_redirects200 Value: 1
.eyeota.net/	1970-01-20 06:50:42	Name: mako_uid Value: 17c9c1f5e9e-71d60000010f419d
.eyeota.net/	1970-01-19 22:05:07	Name: SERVERID Value: 16797~DM
eus.rubiconproject.com/	1970-01-20 00:14:42	Name: pux Value: 1512%3D103445%262307%3D103445%262974%3D103445%263778%3D103445%262249-DV360-Hosted%3D103445%26brx%3D103445%26idl%3D103445%26goog%3D103445%26
.mediarithmics.com/	1970-01-20 06:50:42	Name: mics_vid Value: 21682816348
.mediarithmics.com/	1970-01-20 06:50:42	Name: mics_uaid Value: web:1:363f762d-a734-4dd2-ad85-dbea00bdb440
.mediarithmics.com/	1970-01-20 06:50:42	Name: mics_lts Value: 1634706874015
.betweendigital.com/	1970-01-20 06:50:42	Name: dc Value: was1
.betweendigital.com/	1970-01-20 06:50:42	Name: tuuid Value: c06e85f0-aa6a-5325-b97b-5b95d814fe2c
.betweendigital.com/	1970-01-20 06:50:42	Name: ss Value: 1
.targeting.unrulymedia.com/	1970-01-20 06:50:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ef1c6d43-6474-4f69-9b64-63a034da2b72-003%22%7D
.undertone.com/	1970-01-20 06:51:03	Name: UID_EXT_53 Value: 1A7016B9-61FC-41D8-A230-160928EEB3A7
.undertone.com/	1970-01-20 06:51:03	Name: UID_EXT_55 Value: $UID/2dbb4b2f-128c-403c-b142-8f1c873c1774-616fa5b9-5553
.betweendigital.com/	1970-01-20 06:50:42	Name: ut Value: YW-lugABT_CXSV-8gZDsEikHI82-nDO42ysR4w==
.mathtag.com/	1970-01-19 22:48:18	Name: mt_mop Value: 9:1634706873
.smartadserver.com/	1970-01-20 07:35:21	Name: pid Value: 3655208771924687483
.smartadserver.com/	1970-01-20 07:35:21	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 07:35:21	Name: csync Value: 127:AAGzDk7C30sAABWwRYAZ4g
.id5-sync.com/	1970-01-20 00:14:42	Name: 3pi Value: 160#1634706869411#-1982900176\|146#1634706868995#368672665\|18#1634706869230#273421285\|19#1634706869272#-1930552245#ddc1bcbd0907e7f2ce8cb506de213328\|916#1634706868696#357266837\|441#1634706868493#48\|124#1634706868728#357266837
.bnmla.com/	1970-01-19 22:05:07	Name: rx_sspurl_1000237 Value: https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D84%26uid%3Dc2d49ae8-caa6-4cff-a541-08bd4e6cefb5
.bnmla.com/	1970-01-19 22:26:42	Name: rx_uuid Value: c2d49ae8-caa6-4cff-a541-08bd4e6cefb5
.bnmla.com/	1970-01-19 22:26:42	Name: rx_maxage_1000237 Value: 1636002874
.bnmla.com/	1970-01-19 22:05:07	Name: rx_sspid_1000237 Value: 6
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 4e70cd7c91d1ccd8
.adsrvr.org/	1970-01-20 06:50:42	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwio8YmS0eSJOhAFGAEgASgCMgsI-sK6xefkiToQBTgBWgdyd3VxOW55YAI.
.bfmio.com/	1970-01-20 06:50:42	Name: __106_cid Value: 2de420a3-0165-4cb1-adbf-9ebb89bab0f9
.bfmio.com/	1970-01-20 06:50:42	Name: __io_cid Value: 2de420a3-0165-4cb1-adbf-9ebb89bab0f9
nj1015.com/	1970-01-19 22:06:33	Name: usprivacy Value: 1---
nj1015.com/	1970-01-19 22:48:18	Name: newsletter-overlay-notspam Value: completed-newsletter

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://pubcast-files.remixd.com/player-configs/nj1015.com Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://match.prod.bidr.io/cookie-sync/syn Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=5354f3e2-51ce-48b7-95b2-adbfe366e9d7-tuct8692b39&query=taboola_hm%3D1&isDirect=0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id5-sync.com/c/441/160/3/7.gif?puid=41301030295077625958554878856946451938&gdpr=1&gdpr_consent= Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
accounts.google.com
action.dstillery.com
action.media6degrees.com
ad-cdn.technoratimedia.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.yahoo.com
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.conversant.mgr.consensu.org
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
b1sync.zemanta.com
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.conversant.mgr.consensu.org
cdn.districtm.io
cdn.mmctsvc.com
cdn.production.townsquareblogs.com
cdn.undertone.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cs.admanmedia.com
cs.emxdgt.com
d.turn.com
d1180od816jent.cloudfront.net.
d5p.de17a.com
dis.criteo.com
dsp.nrich.ai
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
go.sonobi.com
green.erne.co
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
in.hotjar.com
inv-nets.admixer.net
j.mrpdata.net
js-sec.indexww.com
krk.kargo.com
loadm.exelator.com
match.adsrvr.org
match.bnmla.com
match.justpremium.com
match.prod.bidr.io
match.taboola.com
native.sharethrough.com
nj1015.com
onetag-sys.com
openx2-match.dotomi.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.instagram.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
proc.ad.cpe.dotomi.com
promotions.minutemediaservices.com
ps.eyeota.net
pubcast-files.remixd.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
sb.scorecardresearch.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
ssl.gstatic.com
ssum-sec.casalemedia.com
static.hotjar.com
static.solutionshindsight.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.serverbid.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
syndication.twitter.com
tags.remixd.com
tlx.3lift.com
token.rubiconproject.com
townsquare.media
townsquaremedia-d.openx.net
trc.taboola.com
uat-net.technoratimedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.youtube.com
x.bidswitch.net
id5-sync.com
104.109.78.125
104.111.219.144
104.111.247.126
104.16.190.66
104.18.11.79
104.244.42.8
104.26.7.139
107.23.118.141
108.174.11.69
13.248.245.213
13.32.121.21
13.32.99.105
13.32.99.16
130.211.23.194
134.209.131.220
142.250.181.237
142.250.184.206
142.250.185.100
142.250.185.104
142.250.185.110
142.250.185.130
142.250.185.134
142.250.185.163
142.250.185.98
142.250.185.99
142.250.186.130
142.250.186.42
142.250.186.99
146.0.227.110
151.101.194.49
151.101.65.44
152.199.22.191
157.240.20.174
157.240.20.19
157.240.20.35
157.240.20.63
167.172.1.14
169.50.137.190
172.67.69.19
178.162.133.148
178.162.133.149
178.162.133.150
178.250.0.157
178.250.2.151
18.156.0.31
18.184.201.8
18.185.142.87
18.195.155.181
18.197.87.177
18.66.112.92
18.66.122.105
18.66.139.28
18.66.97.124
18.66.97.128
18.66.97.49
184.31.84.150
185.29.132.245
185.33.220.244
185.33.221.53
185.64.189.110
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.79
185.64.190.80
185.94.180.126
188.165.4.142
192.229.233.181
192.229.233.217
192.229.233.218
193.122.130.38
198.148.27.140
198.47.127.20
199.187.193.166
2.16.186.40
2.18.232.7
2.18.233.180
2.18.234.21
2.18.235.93
2.19.35.65
204.79.197.200
205.185.216.10
208.100.17.174
209.54.178.82
213.155.156.165
213.19.147.44
213.19.162.61
216.52.2.30
216.58.212.130
3.121.182.182
3.121.240.184
3.122.214.165
3.125.147.153
34.107.148.139
34.120.133.55
34.254.143.3
34.95.69.49
34.98.64.218
35.157.241.112
35.190.38.143
35.227.248.159
35.227.252.103
35.244.174.68
37.157.2.238
38.27.122.158
46.228.164.11
46.228.164.13
51.210.112.63
51.68.39.188
51.89.9.254
52.16.151.94
52.16.211.92
52.222.210.175
52.222.236.74
52.222.250.140
52.30.14.23
52.30.199.223
52.48.175.241
52.57.38.160
54.208.200.8
64.158.223.137
64.158.223.146
66.155.71.149
69.173.144.138
69.173.144.165
70.42.32.31
74.125.140.154
76.223.111.131
8.43.72.97
87.248.118.23
88.214.206.247
91.228.74.198
93.184.220.66
96.46.186.57
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
014a2b3cc4d32c0dcc88feedd259ff152dd05fa561f44764d4c98159f6d7ee00
01b1b72e70c5e0b2c3ca1d8cfb390e389a0a37b2a143a41031c909d4450dc5b8
028603e12a60db253d6ae87adbaa27bd28f78bb4b1b3a9e7da70f89c86cd8534
050f96ca534637b366514f0915cf46696791aada88becb0dd4b41a8256fb9d9f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07025834a81ea9218ceb12430a7ca3c7be31df4a5d9c1c874f9fb7d1786c47c1
08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80
08777f3b45a881fb635787f8f2bd9ae32aea79a9ee0cb88596df05da836085dc
09039e29f8f42a6d279578ec49bc3daba33fac3ad4a67f142a3bd73c5d7eca7e
09a6d59f29991351a3146cbc0dfb7c6104ae603120337b7ec05da94c703493da
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0bd50ad8e172b4668c5346c725cb3be7c8b6352b096c12e266f46ef6c09a80
0cf3f55f0655324f432222980facc8070e11828db2a64b41c7c3da635668a229
0d656351ffb7deec171b5f1c12bdfa51f332d81a1926ec6db620ab59f84d913b
0df929fe53b421dd95e1197b96431e0b48e09c94eac687acb96484875790cd0b
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12c6858e76aed7c61aa74e276a1e182dbaddf86798fd339889a2a3ab13a79fed
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
162a68e430e6979c941528208678741ec98e2881d137a2e6169acd6417be304e
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
1810a29de502fbe12f94c149e6af6f4001de6df01ccec6a9da0f2b5824a683cb
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66
1930188b53b4c773e79a47c3dec0de8f6b02d1f5c95cb55b5118c389bcd34bcc
19c0bffef3e5137137c79e3281dea3b5110ee141f33ac3853eb2e61f269f698d
1a0d982e5f4d4477187db9c541b4931dbc75ad715cefd978ec494642f84f2196
1afc2a7dd805586d815ab1dfe5bce337764c161acdf81f12d9d3d2fc2207670a
1bb0e6bf69e9bfb3ae25f71e870ffffd892d7d83b4a1e6ec66210c8d47882737
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fc06d4ff47162b68447941c294ede663c35c727ecf794d282535ce70a205210
2037bd2b8429338ca2b02dfbbe80f2f90fa1bd86fd5180836f95f9b578a74ad4
206942b1da64538e8d297f8676de28e3064b00441cb20b2e98b885efa5816835
223d9c8689c39003b0585d7b46633ff2e9afe6b380609a3f3be61643d154bdea
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
261265bf646d13a728e3c8edb873bed62feef98fdf5a356efff1eb655c37b040
267d1daed09d9ecec5f1e21bb6fe93e6eb9b65a051b7c07e966dfcda10f9e812
2a37615e1c222d73b4bc79ddd0c9a7906b33d530cbd648c8a19744f07fca969e
2eeeeed885ffcac3d38a655c8880280be746bcbc40fa8780eca2ada2d749e1e4
2f1e675f2ce9803e08ceb2ae10986adbe731af5f133bc7f5e74f2cf842916617
2fe69124b7da8ef9870f67e0a05a6b7f17d76aa76b20121580a703df696ce40e
313eda090a9ddc20c7000dd1839e141be3c263ff0cdf4e3a5d48348ed6e0b9af
328e92cbd48405f675fd1b62972c3f9db288c4f1f4d4280d5bb33b21ff656adc
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71
33ecfe782294d19b91eb7a9566929dc72047b11ad026d5397de348012ff938a6
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
357091aad5e94874a186fc3cae498ec3518669d76dec5761fa13a1d7f04b45c9
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
3b9ea3ee50fff9060f7ea53fce65183fa6e29a7eca93f308d9d7b822570f1d1b
3d937fa7346d3b795355d54a229f86ecba67bd668d1b3019041bdc1903346724
3f2bcc1add65a22137882700bf93a7ab8caf26cad883e9487cac9101978715a3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412066e0bbed90e039b96695f47201f6c41ed6a80956eae271943e45f6b1a3e7
42f314ed9a561d83b3046fa09c389ef3bfce097099b778b570742e4f2eab05bc
43384959783d38f24dbd5628f107a49a78cf91b421e08782b4758a9b896360fa
44092bcd444906ea231d6bd9dc001f633ab4b3c27befa6a5165a17be81b28375
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617
47ef35af3460ce34fe6c9a209e3a518d5f7ef2d557336f936774dd2a8cca4837
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49c39869fae35705852a449ced6b41870e1ae112e87ceda2637cb6dd0c7c5944
49e7f91865c021485f672fcdde5619f80a6cd81dcb1a9462a2f4a962a53b2881
4acb33dc8d89a6c766b4d9dd6930c38d1c8523d70f014f648a16e92acc7b9a40
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51e2529e6e1b696560e8ce848486e41cc52e9952c0b4c3a7e3aab27b13364e92
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
53e41f5d9b355117a62f5c5f08351376be92a5bc2a594c9f4d4c2a3bcacb6241
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
59a49de0bc17d5cd200ff031fec2dc541bbb9d8b6fab93b5a79a0f0cddf7f652
5c3d776db96ff4e94d33d6492ad12055a69fce66f11f4a49489d091438c1e954
5f73aa06d8df02a1b0fa5441cbcae3f93edb479c92a8b1c2ddf5d92dfa72d578
5f847db4533eab27256bef8347c883fc4c23233a80272933fea4352ef2ed1a40
605c4574e3f074bc11d27b96927d92a5f172297d1a9d13b385d28008a9270c9c
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
64d2653d551fc8075979181b1d93b46f8a0f58dbc0b7b47480304a12b011c65e
660bba340d15cde5acfe7f2fd0f39570eb8393f221aff910b87e7f6c47c37016
67e1ba461589803ac8e614b93b470f66188ca857294a2d2363348daec1f266e2
6a0b947bc31edc47818821a1aa76bf7a7a97ae62736414078932ae8266d5c81d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6dbfba471ede6d5d286947ae471abb02656ff5cc5f69374dd133ed2ba11e86c3
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122
7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8
718036acfccc6c6abd503c6a7ab7a605ef9385479c413e9449b251c0cbeebfab
720fe509e6f2cec0f1ab1c8c765b23b30d6075546f68e2785ab014841bde0ded
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
74dbbf4f96c3eb18a8a3df70ab6179deee4c2a0bef2f528627602f8d8eb99190
7ab119b87f63417004d27c1b65b94f0a929fcf06f118bdc27473198acd7a9dc2
7b0bb9cd525a386744d13b2034574f2e2d33ecf2926f8b98134511bfee225968
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7eefb9ef28d5915e4e20369d9c2e20bf2e514b04d4010bcdbb6a8ac10aeae174
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68
80b2f2453e844930d91e57c8e95ec0574e32f976037081ee19562fdd6947afd7
80db474dab782fd8993349438b71d9322b0963535e73798a09e02240288f387c
815099f427b52d9ed44b6a8e5820e030f91edc83ff9036af91d244790da18520
81d388a296fa2ab8233235374c7a8c3609838f7d6cec4ccaf40e0134506d0a98
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8432fe5a456796e06b8a4a07ceebbcbafa9e7000d52f64554265f2d1a1db38d3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862264443e689205050b8e70784263076b09e228e8ec5ce57a94d484b92363cd
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
879b36dcb564a3b55022348cf21e9fa989bc123dae72a309a2082e6f0d6b9004
8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da
8ad647fcd6695c5b4b33a52aef6af2d90e6e5a7b13bf39016f1fb23782814c5a
8befec1d36f95a54fe37a692a67bbd22937c0d77a4f95753934572412a318f41
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7ea423aa6b3c67d811ba1ce6367a67b5880166d717fcd9d582f13e88047497
91468441ec3dfbf632bba6ce2032a5594cdaef33f8ed5a3419f6b19da9c28c38
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
936332d37352aec5e0e4b8116d19fe55904afa0ea87cb3f8e3bade004a324b44
94b07e2fd4abce2130f9e0d122c92a79f4d9b7b83c6bf077467aae0c2dfb83e1
97fea9dcfcea4baf6f72f7228a1a50560a67c9e3d1a82582d9d41f11085631f6
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
998ffdf5c0108d64882bca1222045816eb83f5179157d5c0565c4ef7344b460a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a1424ce361538f352604934ef77302d129ba9488ecf11cfc40db270ddc342e3
9b4e7e4450d1471bce6804cdcc83539815c77b0054843ca14a39ee98efcdbf52
9b9886b9b832e0c6667810601f922d87786a10f0428857c0a02c67a9e2d01884
9ca304dddf1543e3cf8ed96d41181a463f582f529edc8667a0cbc33021f404be
9e4ca8a037e0fa84945ca3df9665c9e41ed9385b721af7343f48140ca37b48d4
9fc31e3a210b3f0cea5aa7f6e48fd83dcdcbc96e69f92db7e4dc7f9f1bac5e5a
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1da608ebf4c9e1e32844c5cdf955ba53c4c3c027e682d1c3413ccf5db28c2fb
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c41ad913e3ac31a6228be63394eeb8646722a59e7d7ca4fdc83209e923fe90
a30b5bf7dfca5612e72c5494c09539e4f85e4e917b72a081a60b9b822c50d33c
a3ae1e0bf23d194228a34a97a53feba2dd2828a390ced18eacc4cd340a568b77
a6f09f791154544eee4b56822bba9b3fb272e61ab7b3f89da0818f9b27bc8264
a9066d622198805586a155860f77c0c2bad49f29c23d6538b71db189b6089908
a98c1a2bc83007c9add743353ce0ede6e9e71d5984bd2f16fb9747a745653fb4
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36
ac35ef850c04d9b1703908a7e5b6923eb06d5037f41b61608886fae0284e33cd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aeb6414a2b2ee920a1d73fe8827d78e2a36abff7b99a7b3ad9b1dbab519cf6e6
b14fa49ed0b27e12cfec45f0a86fef00f3610687d4eb7bb8be6af465dc0e51d2
b417a99bba6265ca4e3aeb48bdba0e47c63a3db47f11cce31a6d2091a1fd1307
b7cddfc2dcfd31ca9eecf166e97c14048d77d38840d96c08ec60713b5a62701d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
be341a62bf77e28e4c6af3db5d48edc8f8b80392c3bffa4e6b41ad864205b0d2
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c162064c8a2093a006fc78778e17e6bc731331b4b53ced8d6f63b3228b5e5bf8
c1e1251954ffbd78e1175f171a5dc2a44261f977f12dbf990d2c5a46493dd3b7
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca
c2b69369466f46dcd91d21754fd5222fb07341509ba7a14816781822471f86f3
c3273ecdc0e1b71057b8a0c51ba13a5f52ef8b4b5450b01c40b178f6e4956f02
c35e8f056a211a308b07c31c7ede0cb984808e2effdb8bcf9b22ba476ef63739
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c793e0c6939966b2873ccb7847438c0b2e9021dcc7bc69428dcfd3fb6f139c67
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c9d2748d96fd95c196d8324e1d54a6687b9c457200743595296311f1355207bf
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff186bf01947992d639f5eccf69e30ed53f340ec2792bbcb14aca39ef95a6d5
d1e2678317b162805cb8fd721ff5d299a6a7ebe0414cec544226d9eef0c98a62
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3fd9e7d05e9e72f4eda977557708af8f4f411089e7e6cd05a42a29a54084f55
d535e00b2ab51f4e55adc605f29166ffbc211753cd46abd0bf7e80d1e58af21d
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9b56ef5a334106d61a7d86ba259f2ba8a6efeeeb7d068517d8e71d2a998b1cc
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e05e0cd6e07cc40ce5a92fca6cb78c2b64706a3a33f912cb26d64f8046166681
e0e71c6aba3a59f0d91405ed8daf610bf101545a26bae64c90de3585c52a88c5
e21aa289818ac270e2647b8f04a0b04a78716f57797940f6fea477c6d03b7e56
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ea85a5339dee1209a92903a2245c02ffe0b9cc264f0804ea04aba2680b0681
e7e50fa796a4c70e7870716a9326e339eb5f7e8d7ba392884b184d0195007872
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c0f53c1345c28c6ad76f44663e643a317f487a5497421d8066b566f47da38e
f422113c3e8ad6af34ceb262a3a9e8cf01b36ebc973d798ddf1cf97d778cac47
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
f86acce052971c1b2c180d0efc7f8114899de3af7a45659d35265ea6c8b34786
f90dd1ff5f6de7e00ccd7854cc500e0576139505e550ff698f505eba24421027
f93d1f1b1e57c7bc77f935bdf50636d5192505e9ce8c34e3bd5f962496b044db
f98bf1bc6ba8cea6bd3edfe9340aa9d469ebad166f24fcf0a1b212c941157c07
f9a67822b5b9e0439a21702b8018c9da6154f6e06a4658d9426b87e7627f4bd1
fa00b22a66787bf941b80c1cb093e2fe83f222cd5012500966ea423096d359b6
fa18546f5b5a6667698d38979f6142d1342535e5e2a382348f9d4dca5d7d6965
fa32ea193e8d3fb78003640ea74e56ba19b4060ed9b136d175a1057594d082e9
fb7c210168ca8297e94d551b750f4cd2e1d60cbb368073ee6696e2f2be6aa96f
fcb6d2f383550c2992f0d725f81223ead4ca307f56af41cead9a0a0982d8cb0b
fcd7d69699a870199b674a1e46d91c176ed932fe15a3a2bda29bba6456f5fa13
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdd004ae7234a8c51b4d4679bdd746e6083749eea925da725b881450c7b4b823
ffcffad8689299e55e26c56cd30d145407515175be19d3bee0b21325e28973d5
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

nj1015.com Open in urlscan Pro 192.229.233.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

334 Requests

100 %HTTPS

0 %IPv6

96 Domains

146 Subdomains

102 IPs

10 Countries

4186 kBTransfer

10861 kBSize

163 Cookies

10 Outgoing links

Page URL History

Redirected requests

334 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nj1015.com Open in urlscan Pro
192.229.233.217 Public Scan

Screenshot
Live screenshot

Full Image

334
Requests

100 %
HTTPS

0 %
IPv6

96
Domains

146
Subdomains

102
IPs

10
Countries

4186 kB
Transfer

10861 kB
Size

163
Cookies

334 HTTP transactions
2 data transactions