sites.prh.com Open in urlscan Pro
2600:9000:25c8:fe00:10:6ab2:f640:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/3SRNqEU
Effective URL:
https://sites.prh.com/get-offline-and-unwind-giveaway/rules
Submission: On June 05 via manual (June 5th 2024, 2:48:45 pm UTC) from US — Scanned from US

Summary HTTP 126 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 33 IPs in 1 countries across 28 domains to perform 126 HTTP transactions. The main IP is 2600:9000:25c8:fe00:10:6ab2:f640:93a1, located in United States and belongs to AMAZON-02, US. The main domain is sites.prh.com. The Cisco Umbrella rank of the primary domain is 639287.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 17th 2023. Valid for: a year.

This is the only time sites.prh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
21	2600:9000:25c... 2600:9000:25c8:fe00:10:6ab2:f640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:291c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:a741	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2600:9000:20e... 2600:9000:20ed:4e00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	54.198.163.17 54.198.163.17	14618 (AMAZON-AES) (AMAZON-AES)
7	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.222.157 172.217.222.157	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c1d::61	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:77::84 2a04:4e42:77::84	54113 (FASTLY) (FASTLY)
1	2600:1408:540... 2600:1408:5400:1c::173d:b3d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.204.216.154 54.204.216.154	14618 (AMAZON-AES) (AMAZON-AES)
5	23.212.249.86 23.212.249.86	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.162.129.245 3.162.129.245	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:250... 2600:9000:2509:b600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	69.28.187.147 69.28.187.147	22822 (LLNW) (LLNW)
2 4	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	44.217.20.44 44.217.20.44	14618 (AMAZON-AES) (AMAZON-AES)
1 6	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	63.140.39.22 63.140.39.22	14618 (AMAZON-AES) (AMAZON-AES)
1 1	44.217.109.191 44.217.109.191	14618 (AMAZON-AES) (AMAZON-AES)
6	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1 1	2600:1f18:730... 2600:1f18:730:b120:bc0d:196f:f88c:da64	14618 (AMAZON-AES) (AMAZON-AES)
1	34.228.125.52 34.228.125.52	14618 (AMAZON-AES) (AMAZON-AES)
6	172.253.63.147 172.253.63.147	15169 (GOOGLE) (GOOGLE)
1	18.217.58.127 18.217.58.127	16509 (AMAZON-02) (AMAZON-02)
1	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
12	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	216.157.106.133 216.157.106.133	13768 (COGECO-PEER1) (COGECO-PEER1)
126	33

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:25c8:fe00:10:6ab2:f640:93a1 (United States)

ASN16509 (AMAZON-02, US)

sites.prh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:291c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:a741 (United States)

ASN13335 (CLOUDFLARENET, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.198.163.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-163-17.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ranh.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c1d::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:77::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:5400:1c::173d:b3d (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.216.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-216-154.compute-1.amazonaws.com

datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.212.249.86 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-249-86.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.129.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-129-245.iad61.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2509:b600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.28.187.147 (New York, United States)

ASN22822 (LLNW, US)
PTR: https-69-28-187-147.iad.llnw.net

cdn01.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.217.20.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-20-44.compute-1.amazonaws.com

visitor-service-us-east-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.163.155 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.39.22 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-22.data.adobedc.net

scode.randomhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.217.109.191 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-109-191.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:bc0d:196f:f88c:da64 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.228.125.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-125-52.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.63.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.217.58.127 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-58-127.us-east-2.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.157.106.133 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	prh.com sites.prh.com — Cisco Umbrella Rank: 639287	602 KB
20	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1326	122 KB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	6 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 351 www.linkedin.com — Cisco Umbrella Rank: 553 px4.ads.linkedin.com — Cisco Umbrella Rank: 6771	4 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2984 tracking.crazyegg.com — Cisco Umbrella Rank: 5345	74 KB
7	lytics.io c.lytics.io — Cisco Umbrella Rank: 13185	51 KB
6	google.com www.google.com — Cisco Umbrella Rank: 5	384 B
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 921	5 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 63	7 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 957 tr6.snapchat.com — Cisco Umbrella Rank: 1289	810 B
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 780	143 KB
4	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 751 pixel.sitescout.com — Cisco Umbrella Rank: 6552	1011 B
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 347	3 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 4294 rp.liadm.com — Cisco Umbrella Rank: 1263 rp4.liadm.com — Cisco Umbrella Rank: 5840	37 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	76 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 250 ranh.demdex.net — Cisco Umbrella Rank: 186947	2 KB
2	randomhouse.com scode.randomhouse.com — Cisco Umbrella Rank: 160631	662 B
2	tealiumiq.com datacloud.tealiumiq.com — Cisco Umbrella Rank: 7735 visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 11095	958 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1100	22 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 137	21 KB
2	fonts.net cdn.fonts.net — Cisco Umbrella Rank: 16049	12 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1363	517 B
1	basis.net cdn01.basis.net — Cisco Umbrella Rank: 7540	2 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1295	20 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 880	17 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	87 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 3286	3 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 7017	307 B
126	28

	Domain	Requested by
21	sites.prh.com	sites.prh.com
20	tags.tiqcdn.com	sites.prh.com tags.tiqcdn.com
12	www.facebook.com	sites.prh.com
7	c.lytics.io	tags.tiqcdn.com c.lytics.io sites.prh.com
6	www.google.com	sites.prh.com
6	ct.pinterest.com	s.pinimg.com
6	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.googletagmanager.com
6	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com analytics.tiktok.com
5	analytics.tiktok.com	tags.tiqcdn.com analytics.tiktok.com
4	tr.snapchat.com	sc-static.net
4	s.amazon-adsystem.com	2 redirects sites.prh.com
3	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	pixel.sitescout.com	1 redirects sites.prh.com
2	pixel-sync.sitescout.com	1 redirects sites.prh.com
2	scode.randomhouse.com	tags.tiqcdn.com sites.prh.com
2	s.pinimg.com	tags.tiqcdn.com s.pinimg.com
2	www.googleadservices.com	tags.tiqcdn.com www.googletagmanager.com
2	dpm.demdex.net	tags.tiqcdn.com sites.prh.com
2	cdn.fonts.net	sites.prh.com cdn.fonts.net
1	tr6.snapchat.com	sc-static.net
1	tracking.crazyegg.com	script.crazyegg.com
1	rp4.liadm.com	sites.prh.com
1	rp.liadm.com	1 redirects
1	cm.everesttech.net	1 redirects
1	ranh.demdex.net	tags.tiqcdn.com
1	px4.ads.linkedin.com	sites.prh.com
1	www.linkedin.com	1 redirects
1	visitor-service-us-east-1.tealiumiq.com	tags.tiqcdn.com
1	cdn01.basis.net	tags.tiqcdn.com
1	b-code.liadm.com	tags.tiqcdn.com
1	sc-static.net	tags.tiqcdn.com
1	datacloud.tealiumiq.com	tags.tiqcdn.com
1	snap.licdn.com	tags.tiqcdn.com
1	www.googletagmanager.com	tags.tiqcdn.com
1	res.cloudinary.com	sites.prh.com
1	bit.ly	1 redirects
126	37

This site contains links to these domains. Also see Links.

Domain
www.penguinrandomhouse.com
protect-us.mimecast.com

Subject Issuer	Validity	Valid
*.prh.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-17` - `2024-07-17`	a year	crt.sh
fonts.net GTS CA 1P5	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-14` - `2024-06-22`	6 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
lytics.io E1	`2024-05-14` - `2024-08-12`	3 months	crt.sh
script.crazyegg.com E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.tealiumiq.com Amazon RSA 2048 M02	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-14` - `2024-06-12`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
cdn01.basis.net GeoTrust TLS RSA CA G1	`2024-05-06` - `2025-06-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
scode.randomhouse.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-21` - `2025-05-22`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2023-07-31` - `2024-08-28`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://sites.prh.com/get-offline-and-unwind-giveaway/rules
Frame ID: 77811AD243C674160FF88EE9BC0E9760
Requests: 122 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=8e810b99-aff4-4421-9c2c-d7f1896583e1&u_scsid=1e3ba84a-7368-430a-88f7-c6cff23a4f92&u_sclid=1c28a7ed-16f1-41ee-8adc-e2574b036ad5
Frame ID: 05CEF992EB8791F84B6942791FBEA484
Requests: 1 HTTP requests in this frame

Frame: https://ranh.demdex.net/dest5.html?d_nsid=0
Frame ID: D2CDB018944B47078FCE03C57F64D1E0
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: C30DA7EF7909C8AE2263BA8B027D9572
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 9C7AB7BC9EB12E1806070B0AB3987136
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Official Rules - Get Offline & Unwind Giveaway - Penguin Random House

Page URL History Show full URLs

http://bit.ly/3SRNqEU HTTP 307
https://bit.ly/3SRNqEU HTTP 301
https://sites.prh.com/get-offline-and-unwind-giveaway/rules Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*id="__nuxt"
/_nuxt/

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

126
Requests

93 %
HTTPS

40 %
IPv6

28
Domains

37
Subdomains

33
IPs

1
Countries

1313 kB
Transfer

3839 kB
Size

79
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.penguinrandomhouse.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.penguinrandomhouse.com/privacy/#choice-and-control-of-personal-information
Title: privacy choices

Search URL Search Domain Scan URL

URL: https://protect-us.mimecast.com/s/V92pC9r2B3ck6YlBJto4ycv?domain=bookriot.com
Title: https://bookriot.com/giveaways/win-a-reading-retreat-march-prh

Search URL Search Domain Scan URL

URL: http://www.penguinrandomhouse.com/privacy/
Title: http://www.penguinrandomhouse.com/privacy/

Search URL Search Domain Scan URL

URL: https://www.penguinrandomhouse.com/

Search URL Search Domain Scan URL

URL: https://www.penguinrandomhouse.com/terms/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.penguinrandomhouse.com/affiliate-program-disclosure/
Title: Affiliate Program Disclosure

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/3SRNqEU HTTP 307
https://bit.ly/3SRNqEU HTTP 301
https://sites.prh.com/get-offline-and-unwind-giveaway/rules Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%253Fid%253D1fe94bd1-7355-98a6-78aa-6d5fef2bea85%2526type%253DUNKNOWN%2526m%253D1&ex-fch=416613&ex-src=https%3A%2F%2Fwww.penguinrandomhouse.com&ex-hargs=v%253D1.0%253Bc%253D2698279340201%253Bp%253D1FE94BD1-7355-98A6-78AA-6D5FEF2BEA85 HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%253Fid%253D1fe94bd1-7355-98a6-78aa-6d5fef2bea85%2526type%253DUNKNOWN%2526m%253D1&ex-fch=416613&ex-src=https%3A%2F%2Fwww.penguinrandomhouse.com&ex-hargs=v%253D1.0%253Bc%253D2698279340201%253Bp%253D1FE94BD1-7355-98A6-78AA-6D5FEF2BEA85&dcc=t

Request Chain 64

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1717598920578&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1717598920578&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D497116%26time%3D1717598920578%26url%3Dhttps%253A%252F%252Fsites.prh.com%252Fget-offline-and-unwind-giveaway%252Frules%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1717598920578&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1717598920578&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&cookiesTest=true&liSync=true&e_ipv6=AQJXLby_g7wEngAAAY_o36HcgmS17193VgEqwujV9SsTPRr9TTLtJDF3sZLPTXAJ1xeYJiI

Request Chain 71

https://cm.everesttech.net/cm/dd?d_uuid=36106076705728922664108730560228851718 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmB6yAAAAJt-2AMv

Request Chain 73

https://s.amazon-adsystem.com/dcm?pid=8f9b0615-e931-45a3-99e7-549741c1960e&id=da2a36f1-0470-42c5-86ba-7e7823bd0e94 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=8f9b0615-e931-45a3-99e7-549741c1960e&id=da2a36f1-0470-42c5-86ba-7e7823bd0e94&dcc=t

Request Chain 86

https://rp.liadm.com/j?dtstmp=1717598920778&aid=a-00m0&se=eyJldmVudCI6InBhcmVudF93aW5kb3cifQ&duid=70bbd87f53c2--01hzmdz826yh6eea0a2vp2b1vz&tv=v2.14.3&pu=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&wpn=lc-bundle&cd=.prh.com&c=PG1ldGEgZGF0YS1uLWhlYWQ9InNzciIgY29udGVudD0iVGhlc2UgYXJlIHRoZSBPZmZpY2lhbCBSdWxlcyBmb3IgdGhpcyBzd2VlcHN0YWtlcy4iIG5hbWU9ImRlc2NyaXB0aW9uIiBkYXRhLWhpZD0iZGVzY3JpcHRpb24iPjx0aXRsZT5PZmZpY2lhbCBSdWxlcyAtIEdldCBPZmZsaW5lICZhbXA7IFVud2luZCBHaXZlYXdheSAtIFBlbmd1aW4gUmFuZG9tIEhvdXNlPC90aXRsZT4 HTTP 302
https://rp4.liadm.com/j?se=eyJldmVudCI6InBhcmVudF93aW5kb3cifQ&duid=70bbd87f53c2--01hzmdz826yh6eea0a2vp2b1vz&aid=a-00m0&cd=.prh.com&dtstmp=1717598920778&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMTo1NTA6MWQwNToxOjoxMA%3D%3D&pu=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&c=PG1ldGEgZGF0YS1uLWhlYWQ9InNzciIgY29udGVudD0iVGhlc2UgYXJlIHRoZSBPZmZpY2lhbCBSdWxlcyBmb3IgdGhpcyBzd2VlcHN0YWtlcy4iIG5hbWU9ImRlc2NyaXB0aW9uIiBkYXRhLWhpZD0iZGVzY3JpcHRpb24iPjx0aXRsZT5PZmZpY2lhbCBSdWxlcyAtIEdldCBPZmZsaW5lICZhbXA7IFVud2luZCBHaXZlYXdheSAtIFBlbmd1aW4gUmFuZG9tIEhvdXNlPC90aXRsZT4

Request Chain 91

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1051027031/?random=711008316&cv=11&fst=1717598920728&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&label=0rOvCLSJq7YBENfMlfUD&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI6J-nzNrEhgMVuVtHAR3ZJg_BMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vc2l0ZXMucHJoLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/1051027031/?random=711008316&cv=11&fst=1717598920728&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&label=0rOvCLSJq7YBENfMlfUD&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI6J-nzNrEhgMVuVtHAR3ZJg_BMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vc2l0ZXMucHJoLmNvbS8&is_vtc=1&cid=CAQSKQDaQooL4adKOW1IKikmiNifotIldKdrVuDMhIWwl7yspohyUMNdmYn9&random=482505827

Request Chain 118

https://pixel-sync.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 119

https://pixel.sitescout.com/up/3cc95e89f029439a?cntr_url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules HTTP 302
https://pixel.sitescout.com/up/3cc95e89f029439a?cookieQ=1&cntr_url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules

126 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request rules Show response
sites.prh.com/get-offline-and-unwind-giveaway/
Redirect Chain

http://bit.ly/3SRNqEU
https://bit.ly/3SRNqEU
https://sites.prh.com/get-offline-and-unwind-giveaway/rules

51 KB
12 KB

391ms
156ms

Document
text/html

2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fbca76606744d96ed96d7f6ed37771b00e312a2ee09f01f59cac71c33da1dc1d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges: none
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Wed, 05 Jun 2024 14:48:39 GMT
etag: "cd79-s09epQ5uH2oeegwcOw+jEhSoL6c"
referrer-policy: strict-origin
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-id: uc9h1F3FAv6xBt62PFx0C8xNWDrz0FqzAm9e51KVv33v1H6MjgZi1g==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 146
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Wed, 05 Jun 2024 14:48:39 GMT
location: https://sites.prh.com/get-offline-and-unwind-giveaway/rules
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 8dde544c-3825-4457-a7ca-19db051b23e0.css
cdn.fonts.net/kit/8dde544c-3825-4457-a7ca-19db051b23e0/ 223 KB
12 KB 125ms
51ms Stylesheet
text/css 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/kit/8dde544c-3825-4457-a7ca-19db051b23e0/8dde544c-3825-4457-a7ca-19db051b23e0.css
Requested by: Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ed637eaae9d726faedf166af27d372145996d5965de1c8c830f84277ded3f5d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
x-amz-version-id: 00ABWgmpg8RWMuGPwxkYFY7X_x2uCJSp
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: NPBQSC8J8JWJBA73
age: 969
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: T3HUu+Cj28mbA7javJBbSb5hY6+TGV13o26HsfLqD2+/a1+7XCZh+nctyT1o0XxfytXUIIACxNs=
last-modified: Mon, 06 May 2024 13:26:09 GMT
server: cloudflare
etag: W/"154bc31cbe25ea5b7c563f85102ad619"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 88f0f7005bf65c78-MIA
expires: Wed, 05 Jun 2024 14:53:39 GMT

GET
H2 200 aa89cb0.modern.js Show response
sites.prh.com/_nuxt/ 6 KB
3 KB 84ms
81ms Script
application/javascript 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/aa89cb0.modern.js

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7f15931143965c295d76c2875ec260f812a0eb5149cf083845f218ed4c7bad43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"1844-18fdf805aba"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: f4GA-B2E9qFQtMzgw3nmU5DiO1efX-sB4n4lBGzswmB_S0qncA1jHg==

GET
H2 200 726cd1b.modern.js Show response
sites.prh.com/_nuxt/ 242 KB
82 KB 179ms
176ms Script
application/javascript 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/726cd1b.modern.js

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2e44273ef77efde93addc4f59a6de775256efc74715ba2c1e566b31594859e05

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"3c79e-18fdf805ab6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: KQoxbAf3Tt74wPMAiofanlODEogpBSF5Oj9vYzFI5voyhCkGbNJVjw==

GET
H2 200 1263963.modern.js Show response
sites.prh.com/_nuxt/ 111 KB
33 KB 179ms
176ms Script
application/javascript 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/1263963.modern.js

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3980c0fa916c9021d1993bd4ecb45990a6717bbadbcd68efcae622244485dd3c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"1bd91-18fdf805aae"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: polx0ayRcTE9BTxuCtCH6lKaKjAaZIYfUBFztE0_DaeSWcLhTtnNjQ==

GET
H2 200 a250a99.css
sites.prh.com/_nuxt/css/ 245 KB
28 KB 167ms
165ms Stylesheet
text/css 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/css/a250a99.css

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5bb8574cf0d2ec1b2b03e155dd595c043a90b2277f8608f326e7f8b20bc43b7a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"3d475-18fdf805abe"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pwbeOzG1ixhexLDfS1xbywWqImD1OEk47xzwRxPmKedw4xtYXGVuSQ==

GET
H2 200 4c496af.modern.js Show response
sites.prh.com/_nuxt/ 90 KB
29 KB 94ms
92ms Script
application/javascript 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/4c496af.modern.js

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d656ffdbdeccfed4f0e485f95da5f80370ccfcba7a56e669181683d0c52ae871

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"16751-18fdf805ab2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: jKoh-C0gHU34xuDeZ2_nXPXtNgwUvbIR5OXqY5h3p9Q-1qWzCfzxgQ==

GET
H2 200 0c0d2a3.css
sites.prh.com/_nuxt/css/ 8 KB
3 KB 81ms
79ms Stylesheet
text/css 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/css/0c0d2a3.css

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8dffe06fa502526834dde25bd92689fa7c0f89cf100877c8fe4b8a03b478c4fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"1fe4-18fdf805aba"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: iSpEp9Y63irefB7-W7tsh1X0-lhqaI20YfASWgUdTRN-uRpAgyg9rw==

GET
H2 200 ac591c4.modern.js Show response
sites.prh.com/_nuxt/ 121 KB
28 KB 94ms
92ms Script
application/javascript 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/ac591c4.modern.js

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

305f76c397556c7c653b7f550a52a523b94d3ba5db7e8e6b155493c70220202b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"1e521-18fdf805aba"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2qfiqet7Ujwn81yzuxWXOu3WyF5QpOYVsy5FI5Fb3xkXF8VqvwXpaw==

GET
H2 200 2b4fa9f.modern.js Show response
sites.prh.com/_nuxt/ 2 KB
1 KB 155ms
154ms Script
application/javascript 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/2b4fa9f.modern.js

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4c0566f4ff229e5802af708c7b9255ad761d2c009f24cf8684a7cb3c8fbe4cde

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"825-18fdf805ab2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cydOi3zgl0jSiPJqygrmXT4xtyQEf3DvzPtRUbBlajk5mQm4PWnmdA==

GET
H2 200 1.css
cdn.fonts.net/t/ 0
204 B 43ms
42ms Stylesheet
text/css 2606:4700::6810:291c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fonts.net/t/1.css?apiType=css&projectid=8dde544c-3825-4457-a7ca-19db051b23e0
Requested by: Host: cdn.fonts.net
URL: https://cdn.fonts.net/kit/8dde544c-3825-4457-a7ca-19db051b23e0/8dde544c-3825-4457-a7ca-19db051b23e0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:291c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fonts.net/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 136GB29DPC1RTV84
age: 8344
x-amz-server-side-encryption: AES256
content-length: 0
x-amz-id-2: pkmrpu0Dv8qfnP4vAVpYiF5M7yqurHBp4qFU9lmnDPZFGWPQq8O9AwT9FmQkbiZE22w4AD1JrIrvbe9Khsn07I8+XghNpDZL
last-modified: Thu, 20 Oct 2022 08:49:27 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 88f0f700ac945c78-MIA
expires: Wed, 05 Jun 2024 14:53:39 GMT

GET
H2 200 ShiftWeb-Bold.22af8c4.woff2
sites.prh.com/_nuxt/fonts/ 62 KB
62 KB 82ms
79ms Font
font/woff2 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/fonts/ShiftWeb-Bold.22af8c4.woff2

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/_nuxt/css/a250a99.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

57fcf61e69228bf0b96e6e501963c7bdcc7aa4f7f8cdb854ac50a2bac7c67179

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Origin: https://sites.prh.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
content-length: 63284
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"f734-18fdf805ac2"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ql4AOgMphUZc1AIJ6wTEBCHsifmI_dImghDdmrEVIq2HXb6ChW2l-g==

GET
H2 200 FortWeb-Medium.1a4908d.woff2
sites.prh.com/_nuxt/fonts/ 43 KB
44 KB 117ms
115ms Font
font/woff2 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/fonts/FortWeb-Medium.1a4908d.woff2

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/_nuxt/css/a250a99.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3909ea095537ad8cb665ff1c36887ebbddaca19098bededca5043ff7f3e8b442

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Origin: https://sites.prh.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
content-length: 44072
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"ac28-18fdf805ac2"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cQl1TD97efIsMNa_Ni1i6NvMZYSWcNtMdzKhK1miJ4mHs-ZSj67-kQ==

GET
H2 200 FortWeb-Book.4a4a717.woff
sites.prh.com/_nuxt/fonts/ 54 KB
55 KB 97ms
95ms Font
font/woff 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/fonts/FortWeb-Book.4a4a717.woff

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/_nuxt/css/a250a99.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

42f62bf4c7da60751add257278da9ad557154d9fd5c60df66484a8fe13ed5565

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Origin: https://sites.prh.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
content-length: 55776
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"d9e0-18fdf805ac2"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 19l5EVcJRhxWIiqIo0bW0edvunw6y6WN93lXjDpt8E_XcDq4xVlf1w==

GET
H2 200 FortWeb-Bold.43c6a75.woff2
sites.prh.com/_nuxt/fonts/ 44 KB
45 KB 108ms
107ms Font
font/woff2 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/fonts/FortWeb-Bold.43c6a75.woff2

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/_nuxt/css/a250a99.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d2afc73ae84e0d3f3a16af4d902180759c2ba7141c188e876743f3d39ec16f93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Origin: https://sites.prh.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
content-length: 45428
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"b174-18fdf805abe"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: NcKqGSctKAFBtagJiXc4kEhx0MUhVdryHGGM5KSxpYr4GX0rFeTV3Q==

GET
H2 200 prh_logo.svg
res.cloudinary.com/itimages/image/upload/v1618943772/static/ 7 KB
3 KB 171ms
70ms Image
image/svg+xml 2606:4700::6813:a741
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/itimages/image/upload/v1618943772/static/prh_logo.svg

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a741 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5312c84776d47d07285043ba061c45171ac4591f6180dc47324b45abb1e08b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800
content-disposition: attachment; filename="prh_logo.svg"
server-timing: cld-cloudflare;dur=24;start=2024-06-05T14:48:40.011Z;desc=hit,rtt;dur=28,content-info;desc="width=370,height=180;"
content-length: 2767
last-modified: Tue, 20 Apr 2021 18:36:15 GMT
server: cloudflare
etag: W/"b2caa899b1b5788b6332d14c207c693d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
cf-ray: 88f0f701feff7442-MIA
timing-allow-origin: *

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 168 KB
43 KB 218ms
69ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Requested by: Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d82ee094d22dc362f558b7995e8a229aad8472df6224af6348922f9c3ea825be

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: pLU5AtFD_gCVM_XdS41Vk0eOgYqJPmij
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:45:54 GMT
last-modified: Thu, 23 May 2024 19:00:11 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 167
x-amz-server-side-encryption: AES256
etag: W/"a819c88734298dc8f142df50960b99e3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: NGDIpebKH13Ad9sampgylX0VjFI2TY1SC4eMRfsGID8-cZ4qTLVNWg==

GET
H2 200 c96607b.modern.js Show response
sites.prh.com/_nuxt/ 15 KB
6 KB 77ms
75ms Script
application/javascript 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/c96607b.modern.js

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/_nuxt/aa89cb0.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

aa4d0bca0785a5b5d5e8110a67aca76bb49a6195057033ce5481518f75157b9f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"3a7b-18fdf805aba"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: KT3IJvO1WZ52XekXu1zidS80s-Ui4uBqyXbdWMjv08AKSU7dKQNCiQ==

GET
H2 200 92a145b.modern.js Show response
sites.prh.com/_nuxt/ 73 KB
26 KB 93ms
91ms Script
application/javascript 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/92a145b.modern.js

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/_nuxt/aa89cb0.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7bfcc6a697b890dddb2e1a924c70e16510bed0d1a7016fd382af08c71df1ae1a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"123ea-18fdf805ab6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Vxy4q_xP3yiHljdZhxxV3OEZ6-TbHGZ3usAW3PFD_T11dgNylbeTIA==

GET
H2 200 a0a833e.modern.js Show response
sites.prh.com/_nuxt/ 92 KB
29 KB 86ms
85ms Script
application/javascript 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/a0a833e.modern.js

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/_nuxt/aa89cb0.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

53c84a3d6408a4ef1ffeede221b13748f8f599fb5f3a80d08c5d8ef9967e38ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"16e16-18fdf805ab6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: _J1r-5NBeaaxLhRxbAH17beabREcad-JNpTCCbgLf-zoMHPSbndsvg==

GET
H2 200 a6bb588.css
sites.prh.com/_nuxt/css/ 2 KB
1 KB 81ms
80ms Stylesheet
text/css 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/css/a6bb588.css

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/_nuxt/aa89cb0.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9d741372f8c4d3d6e071e8c796f1773fbe1556729584a99c4ffce7b17497592a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"81a-18fdf805abe"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OuAz6b7OfNUCGI9x31PK8r5u0x5-PyR8ANHnN2PJYIItGzZ2MEOYMQ==

GET
H2 200 432eb8a.modern.js Show response
sites.prh.com/_nuxt/ 23 KB
6 KB 80ms
79ms Script
application/javascript 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/432eb8a.modern.js

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/_nuxt/aa89cb0.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7502dcecd3fe9aec950d3623d67c95af3583fd5a64e668689b63be507dbfbd0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"5b02-18fdf805ab2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: TTgToySaiQtW4y1IPXXFDkWq0s5HUNufiqnWq1e3utJ4tSyOaHefHg==

GET
H2 200 utag.326.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 10 KB
3 KB 61ms
60ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.326.js?utv=ut4.45.202305242115
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abdd07d20dc6ebb3a89391c3b9bae6094a30ec09d2a17f3b59e9e904c17d4b5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: E3UnZJ4E0.goqJEt1YyJRZfc_mMamlzI
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:44:12 GMT
last-modified: Thu, 23 May 2024 19:00:09 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 269
x-amz-server-side-encryption: AES256
etag: W/"a227d61062b0a9a16bc6b552768a412c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: TlQlRq9xXqRhQFjfTwgpQ6OMKyX6ef5vJvTBoWwgEOmtgtYwqfyGCA==

GET
H2 200 utag.663.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 612 B
1 KB 98ms
98ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.663.js?utv=ut4.45.202401251515
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a38023e8632a4d511fe4f0549b001ef7422b9e172b6c0f9f9983991c2af94e76

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: MZVS4LdAMbOpWyvqBBVUP8CadBF.XeOh
date: Wed, 05 Jun 2024 14:48:41 GMT
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2024 19:00:07 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
etag: "ceee897ed0202f62738e04deff23e1bc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 612
x-amz-cf-id: 4AjLUEbl3-87Yn4i3HD7hBrVaBmA-H7pSxWjbLtWhPJ_VhydQzHEGw==

GET
H2 200 utag.1.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 79 KB
26 KB 100ms
99ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.1.js?utv=ut4.45.202405061629
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03a71cfbbf7a73d828943f0b387a8e601f6a596b1a84728af5707fcfdb53cad8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 3aMWUdwT1qWzM561ql2y2BekB9eMe04O
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:48:41 GMT
last-modified: Thu, 23 May 2024 19:00:07 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
etag: W/"4837d1937331d8ef10a90b37ac99e67a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: DqafQnMNmkAUtVjpLiE7YOwi4CtJU7mDHoaVg_uK96DWT91tUOp1Vg==

GET
H2 200 utag.184.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 5 KB
2 KB 114ms
114ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.184.js?utv=ut4.45.202212142250
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b7d92d23f39b9c32f3346a5a3915e940efddbf65882ef12a89b17a72d3838ca

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: wlerDmBfJwfcWce10PA0kZc.RjC3lCgT
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:48:41 GMT
last-modified: Thu, 23 May 2024 19:00:08 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
etag: W/"a7f16ed8e74869c5488f0b32c91965c0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: KHGN7j_Nm8oqDp-G0OLj9H7HadjzmOojwyra43gvQpTRjsnZdzvt5w==

GET
H2 200 utag.69.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 5 KB
2 KB 66ms
65ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.69.js?utv=ut4.45.202309121825
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b590dfe36b1751c0320cde51a64a56cff57a44cc5e712ab5d696a230456b8f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vGsb1LXNMckeEiXvIBoVGfJ0mtNeuo8I
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:46:33 GMT
last-modified: Thu, 23 May 2024 19:00:06 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 128
x-amz-server-side-encryption: AES256
etag: W/"dedbec367b8aab81ddbe62ff37530d8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: vE4ev73sMjmlGnZ0uIEDDzgco3_ZbPDV2anVWvmTqyDNlNDUw3atMQ==

GET
H2 200 utag.239.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 6 KB
2 KB 121ms
120ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.239.js?utv=ut4.45.202309122044
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76339f247090db023ce7cf990559ca34934e07a3b46e795f31670895413970a0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 1vQquYmhOUCSxhWyulsglBuP_FYoNCQp
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:48:41 GMT
last-modified: Thu, 23 May 2024 19:00:08 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
etag: W/"15fed8e44ba800ac2d638953786edbf8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: gUnMZHAPoRpbwGH_SALgGyvKW0x96dj3uTmhlfQPpjMfNIX_skZQQg==

GET
H2 200 utag.410.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 1 KB
1 KB 66ms
66ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.410.js?utv=ut4.45.202212142250
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f26cb6904c75a3dcb095eaf6bc51ebb399b02a5ba3bfee5f105d8b2cacd81708

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qTAJKCYbYbvPqrbs53vO3.awMixUW4wt
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:46:33 GMT
last-modified: Thu, 23 May 2024 19:00:10 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 128
x-amz-server-side-encryption: AES256
etag: W/"a6c607a0e5493e69fb71bce207b470a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: XAWSFOLWL0qaCrhrAQL5S5vmSHNhwU4lTDiXOWBrsqCl_KwdTJl4mg==

GET
H2 200 utag.405.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 10 KB
3 KB 62ms
62ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.405.js?utv=ut4.45.202402261629
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e418ccdf735c8ea76e304565306059ca61d7891a50c5a6622ae3581bc062f7a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: T9f.Vdar6uA64Q3rRHXjvy1wF2s.a68Z
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:44:13 GMT
last-modified: Thu, 23 May 2024 19:00:07 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 268
x-amz-server-side-encryption: AES256
etag: W/"f6fc973d7eb44d672619ba9991e0a35f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: n5R9sMoOaBkBUbJlEwlo5vFTiCEuQyk6KnUMBYjKJhIh8gNlP6sDaQ==

GET
H2 200 utag.416.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 4 KB
2 KB 66ms
66ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.416.js?utv=ut4.45.202212142250
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7595cabc12bbf1e5616032ad80422b85120a683ee8ffdbf1faacc635a2984e5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: eTT2w9npHVeLm_rGHDB6FoltjgzCcKLF
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:46:33 GMT
last-modified: Thu, 23 May 2024 19:00:06 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 128
x-amz-server-side-encryption: AES256
etag: W/"c74acb803d65c6222e59457ad8e349b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 73NAPiAy64dLArXUN--ASXodTIiYv0k8ft2XK5nmxhsW-byMpFz-cA==

GET
H2 200 utag.358.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 12 KB
5 KB 66ms
66ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.358.js?utv=ut4.45.202312131512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32b0a19f3c9794d81a92a324c877ebdf93e2b1654a5474eb297ea0b83197931b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: aH5VsNrUeuxpQRr1cwz2NTfJNTVjo6UG
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:46:33 GMT
last-modified: Thu, 23 May 2024 19:00:07 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 128
x-amz-server-side-encryption: AES256
etag: W/"cb2702bf0f0b218685483aecf563ebf7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: bOBCbafnqfpCj9w4YPDkSKH4Qnt3Qgpv9NlGiIAfU-ZfPbyJ7G_A4w==

GET
H2 200 utag.23.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 15 KB
5 KB 113ms
112ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.23.js?utv=ut4.45.202103042017
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d85107473d8523ac6e889ca39753b9c3fd7ab0b24020c5c25182929b0436ac17

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 3ltfb.NOo1Qvms5sDbRuT3lfdGXC0usY
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:46:33 GMT
last-modified: Thu, 23 May 2024 19:00:11 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 128
x-amz-server-side-encryption: AES256
etag: W/"aa03b0a549a705a7835db7d5485ba02e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Nf2J5g5LpAwv1HDavituqdpl87OzzhdT7FnujG_aw8T3xQM4tZTLLQ==

GET
H2 200 utag.576.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 9 KB
3 KB 113ms
112ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.576.js?utv=ut4.45.202309051327
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05869be94955e402b7345c9ff1d9c448c73bf1d55da74207aff33fecde384ade

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: mEvTlt33Dq8QhlqyXIkfK9HIVMzE6m3E
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:46:33 GMT
last-modified: Thu, 23 May 2024 19:00:10 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 128
x-amz-server-side-encryption: AES256
etag: W/"eae5df5826eebd746c63dcbbb3de1edf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Jjp5-8i1dhcegImMO1BdYLpHKCfdIlMdRywAvJ4s0SZ2yl82vyyrBA==

GET
H2 200 utag.598.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 6 KB
3 KB 150ms
149ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.598.js?utv=ut4.45.202212142250
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2bc005d2a64f9a13b728871ef037b05a0658801b61e00418964920fc1d5cd32

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: QsJgxL1SCRZ5izvYZ4Pp7FSf25b3w0XA
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:48:41 GMT
last-modified: Thu, 23 May 2024 19:00:06 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
etag: W/"61bde83d36b0ec96cbd95ae61fde068c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: tlsLu-5mDJUAtjepWUEl8oDQhBoD4NY9YbMgrXkbjka1UThKwxdbLg==

GET
H2 200 utag.637.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 36 KB
10 KB 161ms
160ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.637.js?utv=ut4.45.202306221557
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 112c9d89211958b40e4c27e1ab3390a3508fa61e14d722ca914ff6507bd09ec2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 7R.P_VRLFXWU6aX.g9j_63tlg_oH66rU
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:48:41 GMT
last-modified: Thu, 23 May 2024 19:00:08 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
etag: W/"135457a8b06845f5afb1dc0fc682e227"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 43WLmngMm47yOpgoDYmMHWKb-sgmpQJp_iCZuoRbONu3qM7ajqeXtA==

GET
H2 200 utag.376.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 4 KB
2 KB 108ms
107ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.376.js?utv=ut4.45.202112021604
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bad9f608511717a493cbad0e9b2127cc417cac995df4d9915461fc603da9f18c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: XgDnxQLpZDPbYOcb.SPitSNpDpKj5nki
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:44:13 GMT
last-modified: Thu, 23 May 2024 19:00:07 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 268
x-amz-server-side-encryption: AES256
etag: W/"4dfb165b5d803d37a5b88d671675e7b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: MYS6-JI4Ol9JAPWeqFaVbrd57NmzhkJQxYvK3fg77FRPrU11dNQAFw==

GET
H2 200 utag.654.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 12 KB
4 KB 113ms
112ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.654.js?utv=ut4.45.202402142002
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1dfeb6a6645bed6ebd559ee3e42a6c83a8c00c2be38c1f7b333b1694bf8ab7f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: G8gyHnLM4Qw80cFwAWb9pa2HOdddyc5_
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:46:33 GMT
last-modified: Thu, 23 May 2024 19:00:09 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 128
x-amz-server-side-encryption: AES256
etag: W/"19e8b3e6dec89585eec8956c8702e098"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: VRMhaSWXYNZm1CvI7M2c3CfiR7vJAIuXBd61S0lvmgja6kr4WWB1Hg==

GET
H2 200 utag.661.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 13 KB
3 KB 152ms
151ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.661.js?utv=ut4.45.202309211557
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 720cf6a5c7798546b870deb2d636608c7259d283ddbfef95d3e64f43e7d75c2c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 4vvw2XVpLdCKR5fw.x_BKQ1dP6OVapL.
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:48:41 GMT
last-modified: Thu, 23 May 2024 19:00:06 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
etag: W/"c6ea2103890c2cd7eed9bb6851f52006"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: T4uYidMoo_2rQA1tpTt8yFkG2u1_Y9Q9H9XZZ5j92S1qtTKAToZ2wg==

GET
H2 200 utag.682.js Show response
tags.tiqcdn.com/utag/random/rhcorp-prh/prod/ 3 KB
1 KB 150ms
150ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.682.js?utv=ut4.45.202405211329
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae66785b392d01948295fd618bc5d952d128e710089db2e7bbd3a8d6a2c70f68

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: zOjidQDmKT2jlpjr1x5LXh0TwMYZWSnv
content-encoding: br
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
date: Wed, 05 Jun 2024 14:48:41 GMT
last-modified: Thu, 23 May 2024 19:00:08 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
etag: W/"ce456d625d36e3e65040ed5924eeee18"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: BFBe7b_g66gieFf893hvCG0_p2XgEO6M0u_QQ28qBpOAtUxcRrfFtw==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 59ms
59ms Script
application/javascript 2600:9000:20ed:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=random/rhcorp-prh/202405231858&cb=1717598920356
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Wed, 05 Jun 2024 14:44:35 GMT
via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
age: 246
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: Bfs3cWGS4GYWIsuHLCtjpKJ9rNpJtF5feU84NJJI4-Q7Cb8FGqgksA==

GET
H2 200 id Show response
dpm.demdex.net/ 2 KB
1 KB 255ms
56ms XHR
application/json 54.198.163.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=683138055267EABE0A490D4C%40AdobeOrg&d_nsid=0&ts=1717598920371

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.198.163.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-198-163-17.compute-1.amazonaws.com

Software

Resource Hash

b3454237c68c0f9fc0896ef59b05e5bd9d8c82cc76ee2b3bd5f314906315309c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-va6-2-v060-0862c450b.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: H6La9tJkS6Y=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://sites.prh.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 894
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/1615abb2fee499fc8f7dd878cbe2db80/ 67 KB
23 KB 109ms
39ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/1615abb2fee499fc8f7dd878cbe2db80/latest.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.326.js?utv=ut4.45.202305242115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd78a5fe7be10e791ef6bceeda8436bd735ef5d46bc3deb98312a4f56f36f147

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5304
last-modified: Wed, 05 Jun 2024 13:20:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvj39LZk4AhS8nGsqNClbxUonlTHU4QNo%2F6ZPO3trKZvxjb11uGL643ulwMGXOsSOylBxbP5Usn%2BxljupG2uy1jrbHa1maqUP6hD6XsLkE%2B9hNgbbEG%2Fvc2pD%2BNQlRC3EEU8yrvyYn9I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: aa2cacbb287c2b01f57b0131108df089
cf-ray: 88f0f704db00030a-MIA

GET /
c.lytics.io/ 0
0

GET
H2 200 0883.js Show response
script.crazyegg.com/pages/scripts/0121/ 6 KB
2 KB 117ms
41ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0121/0883.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.663.js?utv=ut4.45.202401251515
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 744920f42cff78a7f0ebbad9d8f8c0a64eedd710e7acdaa944032f4a387cfc56

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 326
cf-polished: origSize=6229
ce-version: 11.5.214
cf-bgj: minify
last-modified: Wed, 05 Jun 2024 14:43:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 88f0f704eba167e6-MIA

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 53 KB
19 KB 167ms
111ms Script
text/javascript 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f157.1e100.net

Software

cafe /

Resource Hash

95c3a41dc0300691569690f968222223b3cf13c9c950e6ac2f0c48003b71f8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19423
x-xss-protection: 0
server: cafe
etag: 13397053139491029127
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Jun 2024 14:48:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
87 KB 186ms
65ms Script
application/javascript 2607:f8b0:400d:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1051027031

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41bb8578a326ce9d48eba5ae604507f4f98508b2ffdb567247ded145745b63fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88263
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jun 2024 14:48:40 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 235ms
58ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: br
x-cdn: fastly
etag: "c292daff66d2a9db8fb67b7807bf3c7b"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1881

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 185ms
56ms Script
application/javascript 2600:1408:5400:1c::173d:b3d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:5400:1c::173d:b3d Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 May 2024 17:20:18 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=70309
accept-ranges: bytes
content-length: 16683

POST
H2 200 i.gif Show response
datacloud.tealiumiq.com/random/main/2/ 43 B
748 B 175ms
55ms XHR
image/gif 54.204.216.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://datacloud.tealiumiq.com/random/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.23.js?utv=ut4.45.202103042017
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.216.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-216-154.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQ77fuP9TT49GxNSG

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
x-serverid: uconnect_i-04d471df3e8bb7d1c
x-tid: 018fe8df9de70001f073f6cc04ec0506f003b06700b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: random:main:2:datacloud
x-region: us-east-1
content-length: 43
pragma: no-cache
x-did: 018fe8df9de70001f073f6cc04ec0506f003b06700b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://sites.prh.com
x-ulver: c96738eb23f13a0bc90b20c8f326b2afa31d7e2b-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: a34abfb7-9bc1-4024-90a1-ec82f151210f
expires: Wed, 05 Jun 2024 14:48:40 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 244ms
97ms Script
application/javascript 23.212.249.86
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SGAO96H18A0MH1EN5G&lib=ttq
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.86 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-249-86.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dca9c7e0246a726ba021661c6ea7728c569bf038195d4e2a68fb8371d4a48516

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2d814b33
date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406051448402C7C733AF83610249CA7-7E9B4AF6EC482912-00
x-cache: TCP_MISS from a23-220-105-86.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=10
content-length: 1777
pragma: no-cache
server: nginx
x-tt-logid: 202406051448402C7C733AF83610249CA7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.220.105.86
x-tt-trace-host: 016db96f4a9ed650deae557ce1d8f0e1e5f45bca1d94697f3c453aa29726d07306feb2607da8f0dc15ce2e13acd74b089b5c93c8e807864e0026a7031dbf35cfc39783fa513c2bb4a33a3ccc36d85139e2578a0d3a35ddde73a84925dd55cf3707
expires: Wed, 05 Jun 2024 14:48:40 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 45 KB
20 KB 191ms
80ms Script
application/javascript 3.162.129.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.129.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-129-245.iad61.r.cloudfront.net
Software: CloudFront /
Resource Hash: bbcaea2f5270b092d8de9217541148a27a51880cd5029f612d69f2c38d6c2aba

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
via: 1.1 cbc24fc015944f60fff0a495ec6d86c0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD61-P3
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 19625
x-amz-cf-id: CfwFUNwpgAgoq5RCst7ZXgqF_Fj-fCXRa7iWwSTytcQb7vqrkd5eAg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 233ms
54ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 14:48:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=12, mss=1297, tbw=2800, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: WHK6pM5p1OF1JXrM56qlHG1e62toSw4WWLV9PO0deMxlt14YC7VWjDqKOw+ztF0V2aBb9cdoOzIfwGLdlRkh5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 103 KB
22 KB 48ms
47ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 13:01:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6453
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yh4Dcfj3jRqPA5R7o3saRr%2FpseRux5zzkf4UMJDtDnnb9OUFhalh6PlQFCHkBPheWbEhYJIz0QeCdDvYp0manfmjOPjdfaL4D6oxDhm%2Fyy6JUUjYwCRXN4b55%2BaW79%2BN5A2C7v%2BWj4oR"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 88f0f7051b51030a-MIA

GET
H2 200 a-00m0.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 212ms
65ms Script
application/javascript 2600:9000:2509:b600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00m0.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2509:b600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 96f7f14d33c194b59a7ffb94270c4d5a03ed28def6ad49506df0ad837171671f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:16:46 GMT
content-encoding: gzip
via: 1.1 b7f525be96cecf61bbec66a423b622b0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
age: 1914
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: nQJ_X7GZCONY4xxBlucQ34my4-7OUVlAurcsAQhMWTImQJ4NRHC4aw==

GET
H2 200 up.js Show response
cdn01.basis.net/assets/ 4 KB
2 KB 170ms
53ms Script
application/javascript 69.28.187.147
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.basis.net/assets/up.js?um=1
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-187-147.iad.llnw.net
Software: AC1.1 /
Resource Hash: 64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 15:41:58 GMT
server: AC1.1
age: 56411
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1714
x-llid: 50ded7d65959edfedc2129f1703f7924

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%253Fid%253D1fe94bd1-7355-98a6-78aa-6d5fef2bea85%2526type%253DUNKNOWN%2526m%253D1&ex-fch=416613&ex-src=https%3A%2F%2Fwww.penguinrandomhous...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%253Fid%253D1fe94bd1-7355-98a6-78aa-6d5fef2bea85%2526type%253DUNKNOWN%2526m%253D1&ex-fch=416613&ex-src=https%3A%2F%2Fwww.penguinrandomhous...

43 B
855 B

117ms
73ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%253Fid%253D1fe94bd1-7355-98a6-78aa-6d5fef2bea85%2526type%253DUNKNOWN%2526m%253D1&ex-fch=416613&ex-src=https%3A%2F%2Fwww.penguinrandomhouse.com&ex-hargs=v%253D1.0%253Bc%253D2698279340201%253Bp%253D1FE94BD1-7355-98A6-78AA-6D5FEF2BEA85&dcc=t

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://sites.prh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Jun 2024 14:48:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6YRNT66BHM1EPNJGQ806
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Jun 2024 14:48:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DQ5T6NK26C8JEGGTPWMJ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%253Fid%253D1fe94bd1-7355-98a6-78aa-6d5fef2bea85%2526type%253DUNKNOWN%2526m%253D1&ex-fch=416613&ex-src=https%3A%2F%2Fwww.penguinrandomhouse.com&ex-hargs=v%253D1.0%253Bc%253D2698279340201%253Bp%253D1FE94BD1-7355-98A6-78AA-6D5FEF2BEA85&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 FortWeb-Light.e694e73.woff2
sites.prh.com/_nuxt/fonts/ 43 KB
44 KB 82ms
81ms Font
font/woff2 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/fonts/FortWeb-Light.e694e73.woff2

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/_nuxt/css/a250a99.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2b6f334e67ca56ccfc6677473f1fb9e6408733323af10883bfad7b175b1cf1c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Origin: https://sites.prh.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
content-length: 44516
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"ade4-18fdf805ac2"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 1oUY9tcpuWxtdPQhZad0w_-J_yVdC8rtuAFnQ6MLjMDdUldD91NZ5w==

GET
H2 200 ShiftWeb-Book.db690ce.woff2
sites.prh.com/_nuxt/fonts/ 61 KB
61 KB 87ms
86ms Font
font/woff2 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/_nuxt/fonts/ShiftWeb-Book.db690ce.woff2

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/_nuxt/css/a250a99.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

18986a6c90fc5a4ede6b7c8d58765f0df5a3d8cfec5c7462fb71a11f7c9fa54c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Origin: https://sites.prh.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
content-length: 62332
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:02 GMT
etag: W/"f37c-18fdf805ac2"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: TgnXEikRpdYI1EvWgFnqp15eplEWs14Xhf8tgBT8d5z1ieHdxGe8tQ==

GET
H2 200 da2a36f1-0470-42c5-86ba-7e7823bd0e94 Show response
c.lytics.io/api/personalize/1615abb2fee499fc8f7dd878cbe2db80/user/_uid/ 625 B
779 B 132ms
131ms Script
application/json 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/1615abb2fee499fc8f7dd878cbe2db80/user/_uid/da2a36f1-0470-42c5-86ba-7e7823bd0e94?segments=true&fields=academic_role_tally_explicit,account_created_date,account_created_flag,age_segment_array_tally_implicit,age_stage_tally_explicit,article_category_tally_explicit,article_tag_tally_implicit,author_id_tally_explicit,author_id_tally_implicit,author_name_tally_explicit,author_tally_implicit,format_tally_explicit,format_tally_implicit,genre_tally_explicit,genre_tally_implicit,other_tally_explicit,retailer_pref_brightly_tally_implicit,retailer_pref_prh_tally_implicit,retailer_pref_tally_implicit,retailer_tally_explicit,subgenre_tally_implicit,work_id_tally_implicit&mergestate=true&state=%7B%22_uid%22%3A%22da2a36f1-0470-42c5-86ba-7e7823bd0e94%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A-10%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_e%22%3A%22pv%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22sites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1717598920528&callback=u_382544399018564600

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/1615abb2fee499fc8f7dd878cbe2db80/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81c758e605c5ab8e18865ca2d4fc7c24ba9c8b4451af9816f0c0e33706bcb0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2LS2re9QxIPR%2BwSo0KIkgK4ksj01eQGNISquXxgi23UbWHrGYYffuV%2F7O%2FHYjGnmIQiupICS9E0d6fJL2L43ZtirhD1jUoW70dE15PjAtVUz2LbiOu%2F%2BxeTGMbINBKpwIcM5hkUDF8%2F"}],"group":"cf-nel","max_age":604800}
x-lytics-trace: 2910b8770aa8e6de9d5e7ae2826cce4b
cf-ray: 88f0f7056bda030a-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length: 370

GET
H2 200 sites.prh.com.json Show response
script.crazyegg.com/pages/data-scripts/0121/0883/site/ 7 KB
2 KB 102ms
41ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0121/0883/site/sites.prh.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0121/0883.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 786bc3ca7cf7c3f9a63151fd14005d65adf513c9f16c6542895ba85af822aec7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 271
ce-version: 11.5.214
content-length: 1927
last-modified: Wed, 05 Jun 2024 14:44:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88f0f705cff0749a-MIA

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 36ms
36ms Stylesheet
text/css 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 13:36:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDxOF2DkUf2eFJ49%2BP0VTLeSEcz3Xrbgw8rKowg9TJkwHFjU%2BPr2ZJOl4rrBJGmrYV8co%2Fd%2FSqhQU0lj7GVGHhgxTFd30bVFRlF09zegYo9cmwFCAOsinebi6NkSDCl9pSsPFoEpebGh"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 88f0f7057bed030a-MIA

GET
H2 200 018fe8df9de70001f073f6cc04ec0506f003b06700b08 Show response
visitor-service-us-east-1.tealiumiq.com/random/main/ 2 B
210 B 178ms
54ms Script
application/json 44.217.20.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-us-east-1.tealiumiq.com/random/main/018fe8df9de70001f073f6cc04ec0506f003b06700b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1717598920558

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.217.20.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-217-20-44.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 11d7bbd50ca6e483bdf66ea1e0a69c8b382f4346-SNAPSHOT
date: Wed, 05 Jun 2024 14:48:40 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: us-east-1
content-length: 2
x-nodeid: i-0f768f9a7a1d272d6
content-type: application/json;charset=utf-8

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004846701/ 3 KB
1 KB 175ms
67ms Script
text/javascript 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004846701/?random=1717598920567&cv=9&fst=1717598920567&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_pagetype%3DSPLASH%20Sweepstakes%20Page%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

db821a0ed6798ff15aa2a5567bf438ad9a4660916d756038027dc7cf75568165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1427
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
977 B 206ms
131ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=497116&time=1717598920578&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: *
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache: CONFIG_NOCACHE
x-li-uuid: AAYaJamJF+QU0sTWalMRgg==
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5478F57AC5574E9FBF03DE792A217048 Ref B: MIAEDGE1411 Ref C: 2024-06-05T14:48:40Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-fs-uuid: 00061a25a98917e414d2c4d66a531182

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1717598920578&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1717598920578&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D497116%26time%3D1717598920578%26url%3Dhttps%253A%252F%252Fsites.prh.com%252Fget-o...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1717598920578&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1717598920578&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&cookiesTest=true&liSync=true&e_ipv6=AQJXLby_g...

0
489 B

196ms
127ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1717598920578&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&cookiesTest=true&liSync=true&e_ipv6=AQJXLby_g7wEngAAAY_o36HcgmS17193VgEqwujV9SsTPRr9TTLtJDF3sZLPTXAJ1xeYJiI
Requested by: Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://sites.prh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4EDABD93AE874292B8612FBE5BB6BC47 Ref B: MIAEDGE1912 Ref C: 2024-06-05T14:48:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYaJamS/D8fg23BvpwAsQ==

Redirect headers

date: Wed, 05 Jun 2024 14:48:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6757573BB4DC42EDB362FED467242CB6 Ref B: MIAEDGE2507 Ref C: 2024-06-05T14:48:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1717598920578&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&cookiesTest=true&liSync=true&e_ipv6=AQJXLby_g7wEngAAAY_o36HcgmS17193VgEqwujV9SsTPRr9TTLtJDF3sZLPTXAJ1xeYJiI
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYaJamQJZ6aJPgXciFPpQ==

GET
H2 200 8e810b99-aff4-4421-9c2c-d7f1896583e1.js Show response
tr.snapchat.com/config/com/ 183 B
465 B 237ms
132ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/8e810b99-aff4-4421-9c2c-d7f1896583e1.js?v=3.18.1-2406041825

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

7815f58eb94bca50f535a4c4f8187ad140fa6e5bfeebe4e80d6518c565068bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Origin: https://sites.prh.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://sites.prh.com
x-envoy-upstream-service-time: 38
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 183

GET
H2 200 i
tr.snapchat.com/cm/ Frame 05CE 0
0 214ms
89ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=8e810b99-aff4-4421-9c2c-d7f1896583e1&u_scsid=1e3ba84a-7368-430a-88f7-c6cff23a4f92&u_sclid=1c28a7ed-16f1-41ee-8adc-e2574b036ad5

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://sites.prh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Wed, 05 Jun 2024 14:48:40 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 main.2bdc3040.js Show response
s.pinimg.com/ct/lib/ 69 KB
20 KB 58ms
57ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: br
x-cdn: fastly
etag: "12a8f2d3ddbe2363a4a569b085d70d28"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 19942

GET
H2 200 main.MTEyOTMyMDM5MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 344 KB
100 KB 101ms
101ms Script
application/javascript 23.212.249.86
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyOTMyMDM5MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SGAO96H18A0MH1EN5G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.86 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-249-86.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3c04701c5a9e9e7beb083f679cd31d9e6ecdcc243e1c52ec10c3bbcb5b36990f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2d814c11
date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202406041157117153FC1D1881E38F469A
x-tt-trace-id: 00-2406041157117153FC1D1881E38F469A-6E241833ECB9C4C7-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-105-86.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 019103c13654ae055f55e6a35eb13cb92dbf95e0a21c2c3b5cbc12e37a591c5f647beb21878ebae72b77694a652d53d65ae2e15b8341e9aae054802ad21912a4986e77644aec3cc92719508b45142f7cea4587eb27632df7514a1f24c1acea88e9
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 101751

GET
H2 200 dest5.html
ranh.demdex.net/ Frame D2CD 0
0 171ms
54ms Document
text/html 54.198.163.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ranh.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.198.163.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-198-163-17.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://sites.prh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 05 Jun 2024 14:48:40 GMT
dcs: dcs-prod-va6-1-v060-01349557c.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 9 May 2024 11:55:01 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: IbBouz2nTBs=

GET
H2 200 id Show response
scode.randomhouse.com/ 48 B
460 B 193ms
60ms XHR
application/x-javascript 63.140.39.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scode.randomhouse.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=683138055267EABE0A490D4C%40AdobeOrg&mid=44874690689956321833844070156032433243&ts=1717598920633

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rhcorp-prh/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.22 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-22.data.adobedc.net

Software

jag /

Resource Hash

6d902735684c243a285272fd07bc42b8307bc07bb653ef2e21612a9fe1119156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://sites.prh.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZmB6yAAAAJt-2AMv
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=36106076705728922664108730560228851718
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmB6yAAAAJt-2AMv

42 B
714 B

57ms
57ms

Image
image/gif

54.198.163.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmB6yAAAAJt-2AMv

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Server

54.198.163.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-198-163-17.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://sites.prh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v060-08fd0299e.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Cfl5zhVUTog=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmB6yAAAAJt-2AMv
Date: Wed, 05 Jun 2024 14:48:40 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 e5507cc921bdb5250cc380247d78c91a.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 95 KB
31 KB 41ms
40ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0121/0883.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fce3dd79f6439614bd0067fdb4747883bb1a414133f1d33cc75c3f43afdeb4f9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 May 2024 17:35:00 GMT
server: cloudflare
age: 331
cf-polished: origSize=97322
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 88f0f7061d6c67e6-MIA

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=8f9b0615-e931-45a3-99e7-549741c1960e&id=da2a36f1-0470-42c5-86ba-7e7823bd0e94
https://s.amazon-adsystem.com/dcm?pid=8f9b0615-e931-45a3-99e7-549741c1960e&id=da2a36f1-0470-42c5-86ba-7e7823bd0e94&dcc=t

43 B
855 B

80ms
80ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=8f9b0615-e931-45a3-99e7-549741c1960e&id=da2a36f1-0470-42c5-86ba-7e7823bd0e94&dcc=t

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://sites.prh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Jun 2024 14:48:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P37TBPXPNKCPEYMB7DAK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Jun 2024 14:48:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AKGCTTJ016FS5QJA15G1
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=8f9b0615-e931-45a3-99e7-549741c1960e&id=da2a36f1-0470-42c5-86ba-7e7823bd0e94&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1615abb2fee499fc8f7dd878cbe2db80
c.lytics.io/c/ 35 B
641 B 82ms
82ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/1615abb2fee499fc8f7dd878cbe2db80?_e=pv&_sesstart=1&_tz=-10&_ul=en-US&_sz=1600x1200&_ts=1717598920663&_nmob=t&_device=desktop&url=sites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&_uid=da2a36f1-0470-42c5-86ba-7e7823bd0e94&_v=3.0.35

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cvmq54o1ClipFIE1Wb2iv8yZ5GocexLjXGlQv6a86S8M5xq8pvgygxSctp37CFMt%2B7WzEE0JHCklogl3WqBenngEP%2Bw%2FLdMVfVzC%2F4ZF3wP7sDAJpf013LU%2B%2BdXxT5K%2FrUV2mdmXgr7z"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 401feb1b02e965504691e45dff4ce804
cf-ray: 88f0f7064ce7030a-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/1615abb2fee499fc8f7dd878cbe2db80/ 327 B
562 B 44ms
44ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/1615abb2fee499fc8f7dd878cbe2db80/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/1615abb2fee499fc8f7dd878cbe2db80/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f264d067dd0a23c29f2241ce9a21740a51006bd4edce3af9453317a88bbfe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1851
content-length: 226
last-modified: Wed, 05 Jun 2024 14:17:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7PcqWhn0DzOm3O4bQdL6%2BG2RUDqHwB9buXrzkg%2FtnTjmyM3NHn4ECErtE2Ml8P8Lfg5m97PZoQkN9wbyFwahs625XcVgtueRfUsG6ztfp06l1GuemlwNz8rJ%2BFcSHUypIYlwFovAyKj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: aeefc6ada7446b33ca227aeac239d11c
accept-ranges: bytes
cf-ray: 88f0f7064ce8030a-MIA

GET
H2 200 / Show response
ct.pinterest.com/user/ 327 B
306 B 144ms
58ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612358431345&ov=%7B%22page_name%22%3A%22Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House%22%2C%22page_category%22%3A%22%22%7D&pd=%7B%7D&cb=1717598920687&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5612e07185add6333ccf39345089eedafce9235ae2770f3e3c93e88805532780

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 4113841288730253
content-length: 187
pin-unauth: dWlkPVlXWm1ORFU0T1RndE1qUTVPQzAwTURBNExUZzRZMlF0TWpZNU16QTFOV1kyWVRWag
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sites.prh.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 327 B
628 B 141ms
56ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=PageVisit&ed=%7B%22event_id%22%3A%229bd76feb-554c-4402-8e6b-a71b46d9f72c%22%7D&tid=2612358431345&cb=1717598920689&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5612e07185add6333ccf39345089eedafce9235ae2770f3e3c93e88805532780

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1372041180336062
content-length: 187
pin-unauth: dWlkPVpEaG1NekZrT1RFdE16a3daUzAwT1ROa0xUZzBNRFV0T1RobFlqazJaVEl6WVRrMQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sites.prh.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 139ms
57ms Fetch
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2612358431345&ov=%7B%22page_name%22%3A%22Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House%22%2C%22page_category%22%3A%22%22%7D&pd=%7B%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.141%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1717598920691
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://sites.prh.com
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 8753729657315509
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1035905995/ 3 KB
1 KB 66ms
65ms Script
text/javascript 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1035905995/?random=1717598920709&cv=11&fst=1717598920709&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1051027031

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

275181930cd0026eb2f68907addce0d84b975cf21d078b2df861599b8768d99d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1473
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1051027031/ 3 KB
1 KB 66ms
64ms Script
text/javascript 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1051027031/?random=1717598920719&cv=11&fst=1717598920719&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1051027031

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

b6c924add27aeef94788b4cc3811148e46ce25034c8aae64bb7bbc308073bba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1473
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11222383759/ 3 KB
1 KB 67ms
67ms Script
text/javascript 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11222383759/?random=1717598920723&cv=11&fst=1717598920723&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1051027031

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

071982af190b66a075c3f7b5f3581bd2a7f959a9bed76d53431229234412f3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1473
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1051027031/ 3 KB
1 KB 69ms
67ms Script
text/javascript 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1051027031/?random=1717598920726&cv=11&fst=1717598920726&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1051027031

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

4564783a89e447cf9ffa0bd15b57ad9bcd528fe3490a0c0ecc2a77c03fb9536e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1486
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1051027031/ 3 KB
2 KB 65ms
64ms Script
text/javascript 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1051027031/?random=1717598920728&cv=11&fst=1717598920728&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&label=0rOvCLSJq7YBENfMlfUD&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1051027031

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f157.1e100.net

Software

cafe /

Resource Hash

7816a1a149d5c1b9ee849a5c35fbb3d8eb84f3ac8dd1c958c6850b34a949439a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1682
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sites.prh.com.json Show response
script.crazyegg.com/pages/data-scripts/0121/0883/sampling/ 46 B
129 B 45ms
40ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0121/0883/sampling/sites.prh.com.json?t=477110
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9505d83c49a71af53eddfcda8e352ff7ae004c5b038711c8755467ec61c36b40

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 271
ce-version: 11.5.214
content-length: 65
last-modified: Wed, 05 Jun 2024 14:44:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88f0f706b941749a-MIA

GET
H2 200 1491477134402985 Show response
connect.facebook.net/signals/config/ 66 KB
14 KB 57ms
56ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1491477134402985?v=2.9.157&r=stable&domain=sites.prh.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe4520b7ee4db56aefcabbe856c50bd3bb3fdcc63bce85f5e3983064d336ced3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 14:48:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13874
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=64, mss=1297, tbw=63482, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: UJZlg6xRdij9S1rASwyUyJKOn4v/bwzoe9DVwz+kZnhi2YecRnDg0PqNpGVIl2KfDp2/kbc/JeGgGANZBR0sTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1717598920778&aid=a-00m0&se=eyJldmVudCI6InBhcmVudF93aW5kb3cifQ&duid=70bbd87f53c2--01hzmdz826yh6eea0a2vp2b1vz&tv=v2.14.3&pu=https%3A%2F%2Fsites.prh.com%2Fget-offline-an...
https://rp4.liadm.com/j?se=eyJldmVudCI6InBhcmVudF93aW5kb3cifQ&duid=70bbd87f53c2--01hzmdz826yh6eea0a2vp2b1vz&aid=a-00m0&cd=.prh.com&dtstmp=1717598920778&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMTo...

13 B
318 B

232ms
54ms

XHR
application/json

34.228.125.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=eyJldmVudCI6InBhcmVudF93aW5kb3cifQ&duid=70bbd87f53c2--01hzmdz826yh6eea0a2vp2b1vz&aid=a-00m0&cd=.prh.com&dtstmp=1717598920778&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMTo1NTA6MWQwNToxOjoxMA%3D%3D&pu=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&c=PG1ldGEgZGF0YS1uLWhlYWQ9InNzciIgY29udGVudD0iVGhlc2UgYXJlIHRoZSBPZmZpY2lhbCBSdWxlcyBmb3IgdGhpcyBzd2VlcHN0YWtlcy4iIG5hbWU9ImRlc2NyaXB0aW9uIiBkYXRhLWhpZD0iZGVzY3JpcHRpb24iPjx0aXRsZT5PZmZpY2lhbCBSdWxlcyAtIEdldCBPZmZsaW5lICZhbXA7IFVud2luZCBHaXZlYXdheSAtIFBlbmd1aW4gUmFuZG9tIEhvdXNlPC90aXRsZT4
Requested by: Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules
Protocol: H2
Server: 34.228.125.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-125-52.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://sites.prh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 14:48:41 GMT
x-pixel-event-id: 518496c7-fc11-4338-9034-89b758fdcfc3
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=eyJldmVudCI6InBhcmVudF93aW5kb3cifQ&duid=70bbd87f53c2--01hzmdz826yh6eea0a2vp2b1vz&aid=a-00m0&cd=.prh.com&dtstmp=1717598920778&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMTo1NTA6MWQwNToxOjoxMA%3D%3D&pu=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&c=PG1ldGEgZGF0YS1uLWhlYWQ9InNzciIgY29udGVudD0iVGhlc2UgYXJlIHRoZSBPZmZpY2lhbCBSdWxlcyBmb3IgdGhpcyBzd2VlcHN0YWtlcy4iIG5hbWU9ImRlc2NyaXB0aW9uIiBkYXRhLWhpZD0iZGVzY3JpcHRpb24iPjx0aXRsZT5PZmZpY2lhbCBSdWxlcyAtIEdldCBPZmZsaW5lICZhbXA7IFVud2luZCBHaXZlYXdheSAtIFBlbmd1aW4gUmFuZG9tIEhvdXNlPC90aXRsZT4
access-control-allow-origin: https://sites.prh.com
date: Wed, 05 Jun 2024 14:48:41 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H3 200 /
www.google.com/pagead/1p-user-list/1004846701/ 42 B
64 B 180ms
74ms Image
image/gif 172.253.63.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004846701/?random=1717598920567&cv=9&fst=1717596000000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_pagetype%3DSPLASH%20Sweepstakes%20Page%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&hn=www.googleadservices.com&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLVAFOaouRSTAerve6tAEjYLvZgd27og&random=2075113740&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1035905995/ 42 B
64 B 166ms
68ms Image
image/gif 172.253.63.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1035905995/?random=1717598920709&cv=11&fst=1717596000000&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLwAP-_ni4OGPivBnH3-VK5kaUW3UQqA&random=1773540919&rmt_tld=0&ipr=y

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 13cdcb03-abf3-4a5a-8803-f472f471cd26
https://sites.prh.com/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sites.prh.com/13cdcb03-abf3-4a5a-8803-f472f471cd26
Requested by: Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

POST
H2 200 p
tr.snapchat.com/ 0
252 B 147ms
85ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://sites.prh.com
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

/
www.google.com/pagead/1p-conversion/1051027031/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1051027031/?random=711008316&cv=11&fst=1717598920728&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag...
https://www.google.com/pagead/1p-conversion/1051027031/?random=711008316&cv=11&fst=1717598920728&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1...

42 B
64 B

67ms
67ms

Image
image/gif

172.253.63.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1051027031/?random=711008316&cv=11&fst=1717598920728&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&label=0rOvCLSJq7YBENfMlfUD&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI6J-nzNrEhgMVuVtHAR3ZJg_BMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vc2l0ZXMucHJoLmNvbS8&is_vtc=1&cid=CAQSKQDaQooL4adKOW1IKikmiNifotIldKdrVuDMhIWwl7yspohyUMNdmYn9&random=482505827

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Server

172.253.63.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://sites.prh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/1051027031/?random=711008316&cv=11&fst=1717598920728&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&label=0rOvCLSJq7YBENfMlfUD&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI6J-nzNrEhgMVuVtHAR3ZJg_BMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vc2l0ZXMucHJoLmNvbS8&is_vtc=1&cid=CAQSKQDaQooL4adKOW1IKikmiNifotIldKdrVuDMhIWwl7yspohyUMNdmYn9&random=482505827
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1051027031/ 42 B
64 B 123ms
64ms Image
image/gif 172.253.63.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1051027031/?random=1717598920719&cv=11&fst=1717596000000&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLuMyzRVmV5e61K5lRrDx6ImlnixUyzA&random=2957391006&rmt_tld=0&ipr=y

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11222383759/ 42 B
64 B 130ms
72ms Image
image/gif 172.253.63.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11222383759/?random=1717598920723&cv=11&fst=1717596000000&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLvhlytQBmPbZPEETXJpgW1HlC_U4AJg&random=1823308232&rmt_tld=0&ipr=y

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1051027031/ 42 B
64 B 123ms
67ms Image
image/gif 172.253.63.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1051027031/?random=1717598920726&cv=11&fst=1717596000000&bg=ffffff&guid=ON&async=1&gtm=45be4630v9134321088za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&hn=www.googleadservices.com&frm=0&tiba=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=1738212260.1717598921&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLlQIYDO03iLZ4t23lfN6k52OxV19Gbw&random=1175815424&rmt_tld=0&ipr=y

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s67149167447661
scode.randomhouse.com/b/ss/ranhrollup/1/JS-2.10.0/ 43 B
202 B 58ms
57ms Image
image/gif 63.140.39.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scode.randomhouse.com/b/ss/ranhrollup/1/JS-2.10.0/s67149167447661?AQB=1&ndh=1&pf=1&t=5%2F5%2F2024%204%3A48%3A40%203%20600&sdid=0D6DC92E65920F8F-7C2A76DBD4D4238A&mid=44874690689956321833844070156032433243&aamlh=7&ce=UTF-8&ns=randomhouse&pageName=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&g=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&cc=USD&events=event8&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v9=D%3Ds_vi&c24=D%3Dv24&v24=%2Fsites.prh.com%2F&c25=D%3Dv25&v25=%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2F&c26=SPLASH%20Sweepstakes%20Page&v26=SPLASH%20Sweepstakes%20Page&c30=Desktop&c34=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&v34=Desktop&v51=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&c54=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&v54=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&c56=First%20Visit&v56=First%20Visit&c57=New&v57=New&v81=Consumer%20Marketing&v101=Rules%2CFooter&v103=Wellness&v112=7113&v114=Get%20Offline%20%26amp%3B%20Unwind%20Giveaway&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=683138055267EABE0A490D4C%40AdobeOrg&AQE=1

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.22 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-22.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 14:48:40 GMT
server: jag
etag: 3688515594746167296-4618550086119871351
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 04 Jun 2024 14:48:40 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 39 B
146 B 265ms
128ms XHR
text/plain 18.217.58.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1717598920843&tk=9612358c80150270c63a9e417723983b&s=436614&p=%2Fget-offline-and-unwind-giveaway%2Frules&u=1210883&v=f22a51d1d7d12bb0eb41445d05c1b8191373697c&f=sites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&ul=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.58.127 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-58-127.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: f32251b00bc6e0764a64a01525d6fa5733310a43547abefd2486a16c74715006

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 05 Jun 2024 14:48:41 GMT
cache-control: no-store
server: awselb/2.0
content-length: 39
content-type: text/plain

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 58ms
57ms Fetch
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22event_id%22%3A%229bd76feb-554c-4402-8e6b-a71b46d9f72c%22%7D&tid=2612358431345&cb=1717598920844&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.141%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:40 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://sites.prh.com
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1565655101267993
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 553240018736242 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 53ms
52ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/553240018736242?v=2.9.157&r=stable&domain=sites.prh.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

d575c52f4572aba8af37b3c5fc87b8d504fdcc12042aa7808f42c2e9b3f9ec7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 14:48:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2824
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=51, rtx=0, c=23, mss=1232, tbw=4326, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: DbRFAwkiNUF6hjcZE1NyEfvz7PyF0WUFCrs169WuDgnFbarKoQzhKbR0oCGpwwbX+4gYyEmmvVvv5ststRc5mQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 251ms
115ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1491477134402985&ev=PageView&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920854&cd[page_name]=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&cd[page_type]=SPLASH%20Sweepstakes%20Page&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1717598920852.804224626822441529&cs_est=true&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&eid=15fa6dd2051778f55be223da49066d4d&tm=1&rqm=GET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1297, tbw=2879, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 14:48:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
469 B 310ms
175ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1491477134402985&ev=PageView&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920854&cd[page_name]=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&cd[page_type]=SPLASH%20Sweepstakes%20Page&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1717598920852.804224626822441529&cs_est=true&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&eid=15fa6dd2051778f55be223da49066d4d&tm=1&rqm=FGET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x470bdf2aaa46cc1c","source_keys":["1","2"]},{"key_piece":"0x3330a555fc8e2d09","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 14:48:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1297, tbw=7186, tp=-1, tpl=-1, uplat=112, ullat=0
pragma: no-cache
x-fb-debug: Qn11Jn6AgVvrKM0TzHJ+wdf9A9zcF+2Or0KtVZMpRoiQakOAY0vaQ3a2Zzw+LU1ElkNjuit7/FarMhNvE3ir5A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 128ms
128ms Script
application/javascript 23.212.249.86
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyOTMyMDM5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.86 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-249-86.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2d814e2b
date: Wed, 05 Jun 2024 14:48:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240521140000AE5C037DADEA56428431
x-tt-trace-id: 00-240521140000AE5C037DADEA56428431-58559EEC7F4E9382-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-105-86.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014575d8f3ed34dbd8bb149efbded15542082c3acadd3cb8ee245d2514cbdb1aae5e7379806e0606ff078ab4a478cc6e5db4fef4e7b110ad6c4bbd11c2ed03870a4564c4bca0cf7e7bceab8093f5af4130955f41cf96b12a618e8635e91b7b6d78
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=8
content-length: 39558

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
700 B 311ms
311ms Ping
text/plain 23.212.249.86
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyOTMyMDM5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.86 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-249-86.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2d814e2c
date: Wed, 05 Jun 2024 14:48:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240605144840CB1CE9806129C725082A-18331E39AE7D503A-00
x-cache: TCP_MISS from a23-220-105-86.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing: inner; dur=177, cdn-cache; desc=MISS, edge; dur=9, origin; dur=181
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240605144840CB1CE9806129C725082A
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 181,23.220.105.86
x-tt-trace-host: 016db96f4a9ed650deae557ce1d8f0e1e5f45bca1d94697f3c453aa29726d07306a4f724a27800d8518563fe7955734c75aef860b803c8fdd792ada3db73b8d2be5e18ed03726ac072ee2e77082ae16be7b77f0ceed0c24087d58410e339ca1466
access-control-allow-headers: Authorization,*
expires: Wed, 05 Jun 2024 14:48:41 GMT

GET
H2 200 amazon_dsp
c.lytics.io/c/1615abb2fee499fc8f7dd878cbe2db80/ 35 B
360 B 80ms
80ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/1615abb2fee499fc8f7dd878cbe2db80/amazon_dsp?_ts=1717598920918&_nmob=t&_device=desktop&url=sites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&_uid=da2a36f1-0470-42c5-86ba-7e7823bd0e94&_v=3.0.35&_uido=da2a36f1-0470-42c5-86ba-7e7823bd0e94

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:40 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBkqlEFnRskhafRaw1Kl%2FYenlKPxjqvYGo8QwXkL0FwLGCd%2FbO%2FDap2wv%2B5ompynm80fS3tQR5xLj%2FK8f%2BmPlnCXgNx8yQSEqMC0mOfRGBhyWmSZg64JDp3hqkGCggD8pMdQag0I0m2J"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 6fb90d2ae4eb4166e29ccb4284bca4ee
cf-ray: 88f0f707de76030a-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 183ms
116ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=553240018736242&ev=PageView&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920921&cd[page_name]=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&cd[page_type]=SPLASH%20Sweepstakes%20Page&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1717598920852.804224626822441529&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&eid=15fa6dd2051778f55be223da49066d4d&tm=1&rqm=GET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1297, tbw=3162, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 14:48:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
470 B 216ms
174ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=553240018736242&ev=PageView&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920921&cd[page_name]=Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House&cd[page_type]=SPLASH%20Sweepstakes%20Page&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1717598920852.804224626822441529&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&eid=15fa6dd2051778f55be223da49066d4d&tm=1&rqm=FGET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3dcf7def6092b3dd","source_keys":["1","2"]},{"key_piece":"0x48cd2d3ac66e6f1f","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 14:48:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1297, tbw=6694, tp=-1, tpl=-1, uplat=111, ullat=0
pragma: no-cache
x-fb-debug: +IjMGn4atzhpofGfUJdJp1m1ueOiGfOP0y/q89cjNUzWUjP8O7NBJ9XbVLdbo/gkRKzRWMsqgmLBd3ulimUUEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 156ms
116ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1491477134402985&ev=Lytics%20Audiences&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920922&cd[external_id]=da2a36f1-0470-42c5-86ba-7e7823bd0e94&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=1&o=4126&fbp=fb.1.1717598920852.804224626822441529&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&rqm=GET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1297, tbw=3162, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 14:48:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
471 B 215ms
177ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1491477134402985&ev=Lytics%20Audiences&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920922&cd[external_id]=da2a36f1-0470-42c5-86ba-7e7823bd0e94&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=1&o=4126&fbp=fb.1.1717598920852.804224626822441529&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&rqm=FGET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xef5088bbe1ca6763","source_keys":["1","2"]},{"key_piece":"0x019f29f57dbdd80d","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 14:48:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=20, mss=1297, tbw=8035, tp=-1, tpl=-1, uplat=116, ullat=0
pragma: no-cache
x-fb-debug: tWEDym01BQSRIyQ4m3nC04yvF/c3OlSv3Qqv4juqV6RNyRqaDI057kJL3yB/UFw5yTWSh1nQYKnipdAifFTCBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 108ms
106ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=553240018736242&ev=Lytics%20Audiences&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920923&cd[external_id]=da2a36f1-0470-42c5-86ba-7e7823bd0e94&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=1&o=4126&fbp=fb.1.1717598920852.804224626822441529&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&rqm=GET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1297, tbw=3393, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 14:48:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 165ms
163ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=553240018736242&ev=Lytics%20Audiences&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920923&cd[external_id]=da2a36f1-0470-42c5-86ba-7e7823bd0e94&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=1&o=4126&fbp=fb.1.1717598920852.804224626822441529&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&rqm=FGET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x25f01a989d813af1","source_keys":["1","2"]},{"key_piece":"0xf8038577f29dcc2a","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 14:48:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1297, tbw=3535, tp=-1, tpl=-1, uplat=79, ullat=0
pragma: no-cache
x-fb-debug: D4jhTtB07f0plK+RCd6U7D64cTtoThIDK+afyJrQ7Xn+sEBvv8Y7GG0wRsRTw1+F8zV7KmK2zcQ7FVmjE47nKQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 167ms
166ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1491477134402985&ev=Lytics%20Audiences&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920924&cd[web_personalization_user_type_1]=true&cd[ly_unknown_email]=true&cd[desktop_only]=true&cd[ttb_onboarding_cta_desktop]=true&cd[how_to_series_mobile_with_suppression_]=true&cd[unknown_users]=true&cd[all]=true&cd[smt_new]=true&cd[default_anon_seg]=true&cd[how_to_series_desktop_with_suppression_]=true&cd[teachers_appreciation_week_desktop_with_suppression_duplicate]=true&cd[brightly_us_only_non_pids]=true&cd[persona_desktop_with_suppression_]=true&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=2&o=4126&fbp=fb.1.1717598920852.804224626822441529&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&rqm=GET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=20, mss=1297, tbw=7773, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 14:48:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
268 B 212ms
211ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1491477134402985&ev=Lytics%20Audiences&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920924&cd[web_personalization_user_type_1]=true&cd[ly_unknown_email]=true&cd[desktop_only]=true&cd[ttb_onboarding_cta_desktop]=true&cd[how_to_series_mobile_with_suppression_]=true&cd[unknown_users]=true&cd[all]=true&cd[smt_new]=true&cd[default_anon_seg]=true&cd[how_to_series_desktop_with_suppression_]=true&cd[teachers_appreciation_week_desktop_with_suppression_duplicate]=true&cd[brightly_us_only_non_pids]=true&cd[persona_desktop_with_suppression_]=true&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=2&o=4126&fbp=fb.1.1717598920852.804224626822441529&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&rqm=FGET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xef5088bbe1ca6763","source_keys":["1","2"]},{"key_piece":"0x019f29f57dbdd80d","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 14:48:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=20, mss=1297, tbw=8528, tp=-1, tpl=-1, uplat=51, ullat=0
pragma: no-cache
x-fb-debug: rnlQH13lQ/OlUOXG2CtjUo6hRHne6YbmYANuRyGDpeLrjM7a1AHHh9O7emlDTMYuAxXZ+41Uv8U7taaGr4fbhg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 167ms
166ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=553240018736242&ev=Lytics%20Audiences&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920925&cd[web_personalization_user_type_1]=true&cd[ly_unknown_email]=true&cd[desktop_only]=true&cd[ttb_onboarding_cta_desktop]=true&cd[how_to_series_mobile_with_suppression_]=true&cd[unknown_users]=true&cd[all]=true&cd[smt_new]=true&cd[default_anon_seg]=true&cd[how_to_series_desktop_with_suppression_]=true&cd[teachers_appreciation_week_desktop_with_suppression_duplicate]=true&cd[brightly_us_only_non_pids]=true&cd[persona_desktop_with_suppression_]=true&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=2&o=4126&fbp=fb.1.1717598920852.804224626822441529&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&rqm=GET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=20, mss=1297, tbw=7884, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 14:48:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
270 B 222ms
221ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=553240018736242&ev=Lytics%20Audiences&dl=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules&rl=&if=false&ts=1717598920925&cd[web_personalization_user_type_1]=true&cd[ly_unknown_email]=true&cd[desktop_only]=true&cd[ttb_onboarding_cta_desktop]=true&cd[how_to_series_mobile_with_suppression_]=true&cd[unknown_users]=true&cd[all]=true&cd[smt_new]=true&cd[default_anon_seg]=true&cd[how_to_series_desktop_with_suppression_]=true&cd[teachers_appreciation_week_desktop_with_suppression_duplicate]=true&cd[brightly_us_only_non_pids]=true&cd[persona_desktop_with_suppression_]=true&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmtealium&ec=2&o=4126&fbp=fb.1.1717598920852.804224626822441529&ler=empty&cdl=API_unavailable&it=1717598920761&coo=false&rqm=FGET

Requested by

Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x25f01a989d813af1","source_keys":["1","2"]},{"key_piece":"0xf8038577f29dcc2a","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 14:48:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=20, mss=1297, tbw=8818, tp=-1, tpl=-1, uplat=61, ullat=0
pragma: no-cache
x-fb-debug: hDJO2O8LL5GZFyYPRO4xPA7dkBRtte916bp78F+MqRVPhNTod/DwtaWDsSfjEG/QPJ2Hx6tnvei+AinJRVK/+g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
46 B 162ms
143ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Jun 2024 14:48:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google, 1.1 google
server: API Gateway
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dda53996456118190a640875fa0663b1.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 39ms
38ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0121/0883.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:41 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 16:56:40 GMT
server: cloudflare
age: 332
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 88f0f709097a67e6-MIA

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
701 B 214ms
214ms Ping
text/plain 23.212.249.86
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyOTMyMDM5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.86 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-249-86.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2d814fe0
date: Wed, 05 Jun 2024 14:48:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240605144841749BB05774FE0A28D07E-328B1BCFDADA0025-00
x-cache: TCP_MISS from a23-220-105-86.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing: inner; dur=59, cdn-cache; desc=MISS, edge; dur=11, origin; dur=65
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240605144841749BB05774FE0A28D07E
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 66,23.220.105.86
x-tt-trace-host: 016db96f4a9ed650deae557ce1d8f0e1e5f45bca1d94697f3c453aa29726d0730611b8b4380301570b373ea8dcfeceed6fcaab2619d9a8279bbafc092f0e621b022d519d90186183982fafa48ba84f6f79cd0661435ccef38e9bcbdc6734f9d34b
access-control-allow-headers: Authorization,*
expires: Wed, 05 Jun 2024 14:48:41 GMT

GET
H2 200 bd3cf4fdad82d5b7119c9bb8c5d92327.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 95 KB
30 KB 44ms
44ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/bd3cf4fdad82d5b7119c9bb8c5d92327.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0121/0883.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef774bedbe77e522d4744a3309c90dbbc745df5253eb4972485898ba8ccf9bdd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:41 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 May 2024 17:35:11 GMT
server: cloudflare
age: 333
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 88f0f70959ed67e6-MIA

GET
H2

200

asyncPixelSync
pixel-sync.sitescout.com/dmp/ Frame C30D
Redirect Chain

https://pixel-sync.sitescout.com/dmp/asyncPixelSync
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

0
0

55ms
54ms

Document
text/html

34.36.216.150
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.216.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 150.216.36.34.bc.googleusercontent.com
Software: A /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://sites.prh.com/get-offline-and-unwind-giveaway/rules
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0,no-cache,no-store
content-length: 1174
content-type: text/html;charset=UTF-8
date: Wed, 05 Jun 2024 14:48:41 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 05 Jun 2024 14:48:40 GMT
location: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server: A
via: 1.1 google

GET
H2

200

3cc95e89f029439a
pixel.sitescout.com/up/
Redirect Chain

https://pixel.sitescout.com/up/3cc95e89f029439a?cntr_url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules
https://pixel.sitescout.com/up/3cc95e89f029439a?cookieQ=1&cntr_url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules

43 B
408 B

55ms
55ms

Image
image/gif

216.157.106.133
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/3cc95e89f029439a?cookieQ=1&cntr_url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules
Requested by: Host: sites.prh.com
URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules
Protocol: H2
Server: 216.157.106.133 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://sites.prh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 14:48:41 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/up/3cc95e89f029439a?cookieQ=1&cntr_url=https%3A%2F%2Fsites.prh.com%2Fget-offline-and-unwind-giveaway%2Frules
date: Wed, 05 Jun 2024 14:48:41 GMT
server: AC1.1
content-length: 0

POST
H2 200 p
tr.snapchat.com/ 0
47 B 93ms
93ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Jun 2024 14:48:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://sites.prh.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
193 B 117ms
117ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyOTMyMDM5MA.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://sites.prh.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:41 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B1DE2B7CB6184D22B95A1773996DD40B Ref B: MIAEDGE2507 Ref C: 2024-06-05T14:48:41Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://sites.prh.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYaJamVC3ijqgVaFUjyMQ==

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 29ms
29ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:41 GMT
x-cdn: fastly
age: 5597
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H2 200 ct.html
ct.pinterest.com/ Frame 9C7A 0
0 114ms
57ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://sites.prh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 05 Jun 2024 14:48:41 GMT
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 8743839510215221

GET
H2 200 favicon.ico
sites.prh.com/ 15 KB
4 KB 78ms
77ms Other
image/x-icon 2600:9000:25c8:fe00:10:6ab2:f640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.prh.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:fe00:10:6ab2:f640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

af76d9d38d90555cd6c98c9dc3ba191bb3bc7091adac6e2ec687c2fe9363c0d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sites.prh.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 14:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Mon, 03 Jun 2024 19:08:08 GMT
etag: W/"3c2e-18fdf80740a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: 0CVBLYLEDt2LTBTq1i5T6cr1oGRrDdT7gBKloR_DjVzpgiK3hcsGcQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.lytics.io
URL: https://c.lytics.io/

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

79 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 21:08:05	Name: X-AB Value: e6bb07284d4c4489a6690c8c63e56bba
.liadm.com/j	1970-01-21 06:42:38	Name: lidid Value: 0f57f439-ea13-4d6a-a996-3bc942f0f190
.bit.ly/	1970-01-21 01:25:50	Name: _bit Value: o55eMD-ba08e6d957aa5ebe3e-00t
sites.prh.com/	1970-01-20 21:06:39	Name: _csrf Value: HNrBzkyIWUNWSOwHaM4NYKn8
sites.prh.com/	1970-01-20 21:08:05	Name: connect.sid Value: s%3A68L1Cr0KHpmsDUUrd25Ty79kmWnPR-cJ.JNokMrtkH1q6ogu7YdDFr49Uc%2BwPRUkcpK7bVQWR8ZE
.fonts.net/	1970-01-20 21:06:40	Name: __cf_bm Value: K_FFiQ9YyIhiZ4M9E60FQVgHdmjzVr3MW26hlUoSnE8-1717598919-1.0.1.1-KCxp4uGNgIv.5R3Pjfv.LxZecgkmrA1YyU1IoDt094wLqkGQG4XS_yMMR0KNd.MCq1RY_nIn1MpZYeQT4Btc1A
.sites.prh.com/	1970-01-20 21:06:40	Name: seerses Value: e
.sites.prh.com/	1970-01-21 06:42:38	Name: seerid Value: da2a36f1-0470-42c5-86ba-7e7823bd0e94
.tealiumiq.com/	1970-01-21 05:52:14	Name: TAPID Value: random/main>018fe8df9de70001f073f6cc04ec0506f003b06700b08\|
.prh.com/	1970-01-21 05:52:14	Name: utag_main Value: v_id:018fe8df9de70001f073f6cc04ec0506f003b06700b08$_sn:1$_ss:1$_st:1717600720168$ses_id:1717598920168%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:prh.com$dc_visit:1$dc_event:1%3Bexp-session$dc_region:us-east-1%3Bexp-session
.prh.com/	1970-01-21 06:36:25	Name: _scid Value: 08194e64-fd5c-4d36-a056-337e985080cf
.prh.com/	1970-01-21 06:36:25	Name: _scid_r Value: 08194e64-fd5c-4d36-a056-337e985080cf
.tiktok.com/	1970-01-21 06:28:14	Name: _ttp Value: 2hSsg7dXBH8NTylKORPSG1MK777
.demdex.net/	1970-01-21 01:25:50	Name: demdex Value: 36106076705728922664108730560228851718
.prh.com/	1969-12-31 23:59:59	Name: AMCVS_683138055267EABE0A490D4C%40AdobeOrg Value: 1
.prh.com/	1970-01-20 23:16:14	Name: _gcl_au Value: 1.1.1738212260.1717598921
.lytics.io/	1970-01-21 06:42:38	Name: seerid Value: da2a36f1-0470-42c5-86ba-7e7823bd0e94
.prh.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .prh.com
.prh.com/	1970-01-21 06:42:38	Name: _lc2_fpi Value: 70bbd87f53c2--01hzmdz826yh6eea0a2vp2b1vz
.prh.com/	1970-01-21 06:42:38	Name: _lc2_fpi_meta Value: {%22w%22:1717598920774}
.linkedin.com/	1970-01-20 23:16:14	Name: li_sugr Value: 7d697434-bb28-456d-b252-b7636689d7ac
.linkedin.com/	1970-01-21 05:52:14	Name: bcookie Value: "v=2&68dfc83d-50a5-41bb-8c11-2bf0027c1641"
.linkedin.com/	1970-01-20 21:08:05	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2888:u=1:x=1:i=1717598920:t=1717685320:v=2:sig=AQFUGtS7bJ9Yd7tx4VWsBt7eYQo__4V0"
.prh.com/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.prh.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.pinterest.com/	1970-01-21 05:52:14	Name: ar_debug Value: 1
.prh.com/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.prh.com/	1969-12-31 23:59:59	Name: s_tp Value: 2863
.prh.com/	1969-12-31 23:59:59	Name: s_ppv Value: Official%2520Rules%2520-%2520Get%2520Offline%2520%2526%2520Unwind%2520Giveaway%2520-%2520Penguin%2520Random%2520House%2C42%2C42%2C1200%2C1%2C2
.prh.com/	1970-01-21 06:42:38	Name: s_lv Value: 1717598920834
.prh.com/	1970-01-20 21:06:40	Name: s_lv_s Value: First%20Visit
.prh.com/	1970-01-21 05:52:14	Name: s_getNewRepeat Value: 1717598920835-New
.prh.com/	1970-01-20 21:06:40	Name: gpv_Page Value: Official%20Rules%20-%20Get%20Offline%20%26%20Unwind%20Giveaway%20-%20Penguin%20Random%20House
.prh.com/	1969-12-31 23:59:59	Name: SC_LINKS Value: %5B%5BB%5D%5D
.prh.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.sites.prh.com/	1970-01-21 05:52:14	Name: _pin_unauth Value: dWlkPVlXWm1ORFU0T1RndE1qUTVPQzAwTURBNExUZzRZMlF0TWpZNU16QTFOV1kyWVRWag
.prh.com/	1970-01-20 21:08:05	Name: _ce.clock_event Value: 1
.amazon-adsystem.com/	1970-01-21 06:42:38	Name: ad-privacy Value: 0
.prh.com/	1970-01-20 23:16:14	Name: _fbp Value: fb.1.1717598920852.804224626822441529
.amazon-adsystem.com/	1970-01-21 02:09:02	Name: ad-id Value: A8sE2BwpuE0GqFcNYKPxA-M
.linkedin.com/	1970-01-20 21:49:50	Name: UserMatchHistory Value: AQLOwv5xc2-98gAAAY_o36CIM3LxBaPETS5dQLcYOTxiyoxTwBm0FCkUQLqCxF4ll4klR-GIc0Yrfg
.linkedin.com/	1970-01-20 21:49:50	Name: AnalyticsSyncHistory Value: AQJV8O6tnRChWgAAAY_o36CIqielcgY4klV2Ge4V0W8PIznDj9KF0t2G6iBHmQrI17G0PdF82saGGz7J_jYWAQ
.doubleclick.net/	1970-01-21 06:42:38	Name: IDE Value: AHWqTUna7LZgF_suTaA_bEuyCBicriUFtbCZM0_j5otVLFtBUrbUEnDl7YbZt9XU
.ct.pinterest.com/	1970-01-21 05:52:14	Name: _pinterest_ct_ua Value: "TWc9PSY0NitVK29RdUgxZjg2VW1WN09qbnJ4MDA5Q2oxNjVwSjJvZVRNNHZuRXU4ZlIyb2M5N3B4ZXphZG5NQnNhV0tBQVEybEN1NUlsV0kybWNhTURUUk9XRlVBYW5aUjRtbzZ1ZjQ5bVFvZko0Zz0mNFA2eXJ0Rk1zejgra1FVTk9WOTFHWmlNcXlRPQ=="
.prh.com/	1970-01-21 06:28:14	Name: _tt_enable_cookie Value: 1
.prh.com/	1970-01-21 06:28:14	Name: _ttp Value: Hng9TXtScVpT8MLGpnq4_tdy_eK
.everesttech.net/	1970-01-21 05:52:14	Name: everest_g_v2 Value: g_surferid~ZmB6yAAAAJt-2AMv
.dpm.demdex.net/	1970-01-21 01:25:50	Name: dpm Value: 36106076705728922664108730560228851718
.prh.com/	1970-01-21 06:42:38	Name: AMCV_683138055267EABE0A490D4C%40AdobeOrg Value: -1303530583%7CMCIDTS%7C19880%7CMCMID%7C44874690689956321833844070156032433243%7CMCAAMLH-1718203720%7C7%7CMCAAMB-1718203720%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1717606120s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19887%7CvVersion%7C3.3.0
.liadm.com/	1970-01-21 06:42:38	Name: lidid Value: 0f57f439-ea13-4d6a-a996-3bc942f0f190
.www.linkedin.com/	1970-01-21 05:52:14	Name: bscookie Value: "v=1&20240605144840fda07acd-2148-4e66-8729-a38f5c8725d7AQEjsgI3VsN3kXEy68nxt3jRZU_71tsn"
.snapchat.com/	1970-01-21 06:28:14	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ2AMAwDwIki2aWpG8aJDFN0eL7c69y8nHhCNmK2Mmr3iqLXC8gYeThxU1TWrsHzKz53OuFBQAAAAA==
.prh.com/	1970-01-20 21:08:05	Name: _ce.clock_data Value: 90%2C38.132.118.71%2C1%2Cc92baae71318dc81de51a663df2f8b4f%2CChrome%2CUS
.prh.com/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.prh.com/	1970-01-21 05:52:14	Name: _ce.s Value: v~f22a51d1d7d12bb0eb41445d05c1b8191373697c~lcw~1717598921114~lva~1717598920805~vpv~0~v11.cs~436614~v11.s~b319cfa0-234a-11ef-a4cc-778f5d47d72b~lcw~1717598921115
.casalemedia.com/	1970-01-21 05:52:14	Name: CMID Value: ZmB6ydHM71QAAGHOAFvRlAAA
.casalemedia.com/	1970-01-20 23:16:14	Name: CMPS Value: 374
.casalemedia.com/	1970-01-20 23:16:14	Name: CMPRO Value: 374
.rubiconproject.com/	1970-01-21 05:52:14	Name: khaos Value: LX1Y1TMN-1C-4Z8B
.rubiconproject.com/	1970-01-21 05:52:14	Name: audit Value: 1\|ZQ+UPZ2kq7zm00eB6M3s5YcPvrbOOx1kCQ56bfV/YB+bz16xSA9sXRxIKHZOtCDeLLDsyIfpPteM1KxoLazIt8oW2SgbbjsrEOjxxX8e+bM0chr1HKCqnwvWFcGIdN0BwdUqY5L3XrR/6K+MJaMXAo76/Gy8ewrDCOeqF/Dn4Co=
.rubiconproject.com/	1970-01-20 23:16:14	Name: receive-cookie-deprecation Value: 1
.tapad.com/	1970-01-20 22:33:02	Name: TapAd_TS Value: 1717598921291
.tapad.com/	1970-01-20 22:33:02	Name: TapAd_DID Value: 1cf0d040-9b97-4a8c-ab78-79d4076f1c0b
.tapad.com/	1970-01-20 22:33:02	Name: TapAd_3WAY_SYNCS Value:
.sitescout.com/	1970-01-20 21:49:50	Name: _ssuma Value: eyIyIjoxNzE3NTk4OTIxMzQwLCI0IjoxNzE3NTk4OTIxMzQwLCIzOSI6MTcxNzU5ODkyMTM0MCwiNyI6MTcxNzU5ODkyMTM0MCwiOCI6MTcxNzU5ODkyMTM0MH0
.sitescout.com/	1970-01-21 05:52:14	Name: ssi Value: 312a9985-1350-47f3-963e-bc7f602482a4#1717598921339
.prh.com/	1970-01-21 06:36:25	Name: _sctr Value: 1%7C1717581600000
.adnxs.com/	1970-01-21 06:42:38	Name: receive-cookie-deprecation Value: 1
.rlcdn.com/	1970-01-21 05:52:14	Name: rlas3 Value: vj8YuMR9QFCpUedU/r1pvVRNABNeeHn4jTJHz1eitso=
.pubmatic.com/	1970-01-20 23:16:14	Name: KRTBCOOKIE_218 Value: 22978-ZmB6yAAAAJt-2AMv&KRTB&23194-ZmB6yAAAAJt-2AMv&KRTB&23244-ZmB6yAAAAJt-2AMv
.pubmatic.com/	1970-01-20 21:49:50	Name: PugT Value: 1717598920
.demdex.net/	1970-01-21 01:25:50	Name: dextp Value: 144230-1-1717598920827\|144231-1-1717598920929\|144232-1-1717598921030\|144233-1-1717598921130\|144234-1-1717598921231\|144235-1-1717598921332\|144236-1-1717598921433\|144237-1-1717598921534
.exelator.com/	1970-01-20 23:59:26	Name: EE Value: "813b623df92788205e6add4594fd1929"
.rlcdn.com/	1970-01-20 22:33:02	Name: pxrc Value: CMn1gbMGEgUI6AcQAA==
.exelator.com/	1970-01-20 23:59:26	Name: ud Value: "eJxrXxzq6XKLQcHC0DjJzMg4Jc3SyNzCwsjANNUsMSXFxNTSJC3F0NLIcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIdEl%252BUWb6otDgxUUpaQyLSopPBR%252F%252FUgAAeHwqZA%253D%253D"
.crwdcntrl.net/	1970-01-21 03:35:24	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 03:35:24	Name: _cc_id Value: 7764f00a3df7b0423cce843ae29504c3
.crwdcntrl.net/	1970-01-21 03:35:26	Name: _cc_cc Value: "ACZ4nGNQMDc3M0kzMEg0TkkzTzIwMTJOTk61MDFOTDWyNDUwSTZmAIK0hKqTDAgAAFBICrI%3D"
.crwdcntrl.net/	1970-01-21 03:35:26	Name: _cc_aud Value: "ABR4nGNgYGBIS6g6yQAHABjhAgo%3D"

180 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.prh.com/get-offline-and-unwind-giveaway/rules Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
b-code.liadm.com
bit.ly
c.lytics.io
cdn.fonts.net
cdn01.basis.net
cm.everesttech.net
connect.facebook.net
ct.pinterest.com
datacloud.tealiumiq.com
dpm.demdex.net
googleads.g.doubleclick.net
pixel-sync.sitescout.com
pixel.sitescout.com
px.ads.linkedin.com
px4.ads.linkedin.com
ranh.demdex.net
res.cloudinary.com
rp.liadm.com
rp4.liadm.com
s.amazon-adsystem.com
s.pinimg.com
sc-static.net
scode.randomhouse.com
script.crazyegg.com
sites.prh.com
snap.licdn.com
tags.tiqcdn.com
tr.snapchat.com
tr6.snapchat.com
tracking.crazyegg.com
visitor-service-us-east-1.tealiumiq.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
c.lytics.io
13.107.42.14
142.251.163.155
151.101.192.84
157.240.229.1
172.217.222.157
172.253.63.147
18.217.58.127
216.157.106.133
23.212.249.86
2600:1408:5400:1c::173d:b3d
2600:1f18:730:b120:bc0d:196f:f88c:da64
2600:9000:20ed:4e00:7:2bfb:7c00:93a1
2600:9000:2509:b600:8:8845:1500:93a1
2600:9000:25c8:fe00:10:6ab2:f640:93a1
2606:4700:20::681a:216
2606:4700::6810:291c
2606:4700::6813:9308
2606:4700::6813:a741
2607:f8b0:400d:c1d::61
2620:1ec:21::14
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:77::84
3.162.129.245
34.228.125.52
34.36.216.150
35.190.43.134
44.217.109.191
44.217.20.44
52.46.151.131
54.198.163.17
54.204.216.154
63.140.39.22
67.199.248.10
69.28.187.147
03a71cfbbf7a73d828943f0b387a8e601f6a596b1a84728af5707fcfdb53cad8
05869be94955e402b7345c9ff1d9c448c73bf1d55da74207aff33fecde384ade
071982af190b66a075c3f7b5f3581bd2a7f959a9bed76d53431229234412f3a3
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8
08f264d067dd0a23c29f2241ce9a21740a51006bd4edce3af9453317a88bbfe7
112c9d89211958b40e4c27e1ab3390a3508fa61e14d722ca914ff6507bd09ec2
18986a6c90fc5a4ede6b7c8d58765f0df5a3d8cfec5c7462fb71a11f7c9fa54c
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
275181930cd0026eb2f68907addce0d84b975cf21d078b2df861599b8768d99d
2b6f334e67ca56ccfc6677473f1fb9e6408733323af10883bfad7b175b1cf1c8
2e44273ef77efde93addc4f59a6de775256efc74715ba2c1e566b31594859e05
305f76c397556c7c653b7f550a52a523b94d3ba5db7e8e6b155493c70220202b
32b0a19f3c9794d81a92a324c877ebdf93e2b1654a5474eb297ea0b83197931b
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565
3909ea095537ad8cb665ff1c36887ebbddaca19098bededca5043ff7f3e8b442
3980c0fa916c9021d1993bd4ecb45990a6717bbadbcd68efcae622244485dd3c
3c04701c5a9e9e7beb083f679cd31d9e6ecdcc243e1c52ec10c3bbcb5b36990f
3ed637eaae9d726faedf166af27d372145996d5965de1c8c830f84277ded3f5d
41bb8578a326ce9d48eba5ae604507f4f98508b2ffdb567247ded145745b63fd
42f62bf4c7da60751add257278da9ad557154d9fd5c60df66484a8fe13ed5565
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4564783a89e447cf9ffa0bd15b57ad9bcd528fe3490a0c0ecc2a77c03fb9536e
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
4c0566f4ff229e5802af708c7b9255ad761d2c009f24cf8684a7cb3c8fbe4cde
4e418ccdf735c8ea76e304565306059ca61d7891a50c5a6622ae3581bc062f7a
5312c84776d47d07285043ba061c45171ac4591f6180dc47324b45abb1e08b73
53c84a3d6408a4ef1ffeede221b13748f8f599fb5f3a80d08c5d8ef9967e38ab
5612e07185add6333ccf39345089eedafce9235ae2770f3e3c93e88805532780
57fcf61e69228bf0b96e6e501963c7bdcc7aa4f7f8cdb854ac50a2bac7c67179
5bb8574cf0d2ec1b2b03e155dd595c043a90b2277f8608f326e7f8b20bc43b7a
64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d902735684c243a285272fd07bc42b8307bc07bb653ef2e21612a9fe1119156
720cf6a5c7798546b870deb2d636608c7259d283ddbfef95d3e64f43e7d75c2c
744920f42cff78a7f0ebbad9d8f8c0a64eedd710e7acdaa944032f4a387cfc56
7502dcecd3fe9aec950d3623d67c95af3583fd5a64e668689b63be507dbfbd0c
76339f247090db023ce7cf990559ca34934e07a3b46e795f31670895413970a0
7815f58eb94bca50f535a4c4f8187ad140fa6e5bfeebe4e80d6518c565068bf0
7816a1a149d5c1b9ee849a5c35fbb3d8eb84f3ac8dd1c958c6850b34a949439a
786bc3ca7cf7c3f9a63151fd14005d65adf513c9f16c6542895ba85af822aec7
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30
7bfcc6a697b890dddb2e1a924c70e16510bed0d1a7016fd382af08c71df1ae1a
7f15931143965c295d76c2875ec260f812a0eb5149cf083845f218ed4c7bad43
81c758e605c5ab8e18865ca2d4fc7c24ba9c8b4451af9816f0c0e33706bcb0a9
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8dffe06fa502526834dde25bd92689fa7c0f89cf100877c8fe4b8a03b478c4fd
9505d83c49a71af53eddfcda8e352ff7ae004c5b038711c8755467ec61c36b40
95c3a41dc0300691569690f968222223b3cf13c9c950e6ac2f0c48003b71f8bb
96f7f14d33c194b59a7ffb94270c4d5a03ed28def6ad49506df0ad837171671f
9b7d92d23f39b9c32f3346a5a3915e940efddbf65882ef12a89b17a72d3838ca
9d741372f8c4d3d6e071e8c796f1773fbe1556729584a99c4ffce7b17497592a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dfeb6a6645bed6ebd559ee3e42a6c83a8c00c2be38c1f7b333b1694bf8ab7f
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a38023e8632a4d511fe4f0549b001ef7422b9e172b6c0f9f9983991c2af94e76
a7595cabc12bbf1e5616032ad80422b85120a683ee8ffdbf1faacc635a2984e5
aa4d0bca0785a5b5d5e8110a67aca76bb49a6195057033ce5481518f75157b9f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abdd07d20dc6ebb3a89391c3b9bae6094a30ec09d2a17f3b59e9e904c17d4b5a
ae66785b392d01948295fd618bc5d952d128e710089db2e7bbd3a8d6a2c70f68
af76d9d38d90555cd6c98c9dc3ba191bb3bc7091adac6e2ec687c2fe9363c0d5
b2bc005d2a64f9a13b728871ef037b05a0658801b61e00418964920fc1d5cd32
b3454237c68c0f9fc0896ef59b05e5bd9d8c82cc76ee2b3bd5f314906315309c
b6c924add27aeef94788b4cc3811148e46ce25034c8aae64bb7bbc308073bba0
bad9f608511717a493cbad0e9b2127cc417cac995df4d9915461fc603da9f18c
bbcaea2f5270b092d8de9217541148a27a51880cd5029f612d69f2c38d6c2aba
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
d2afc73ae84e0d3f3a16af4d902180759c2ba7141c188e876743f3d39ec16f93
d575c52f4572aba8af37b3c5fc87b8d504fdcc12042aa7808f42c2e9b3f9ec7c
d656ffdbdeccfed4f0e485f95da5f80370ccfcba7a56e669181683d0c52ae871
d82ee094d22dc362f558b7995e8a229aad8472df6224af6348922f9c3ea825be
d85107473d8523ac6e889ca39753b9c3fd7ab0b24020c5c25182929b0436ac17
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
db821a0ed6798ff15aa2a5567bf438ad9a4660916d756038027dc7cf75568165
dca9c7e0246a726ba021661c6ea7728c569bf038195d4e2a68fb8371d4a48516
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b590dfe36b1751c0320cde51a64a56cff57a44cc5e712ab5d696a230456b8f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef774bedbe77e522d4744a3309c90dbbc745df5253eb4972485898ba8ccf9bdd
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f26cb6904c75a3dcb095eaf6bc51ebb399b02a5ba3bfee5f105d8b2cacd81708
f32251b00bc6e0764a64a01525d6fa5733310a43547abefd2486a16c74715006
fbca76606744d96ed96d7f6ed37771b00e312a2ee09f01f59cac71c33da1dc1d
fce3dd79f6439614bd0067fdb4747883bb1a414133f1d33cc75c3f43afdeb4f9
fd78a5fe7be10e791ef6bceeda8436bd735ef5d46bc3deb98312a4f56f36f147
fe4520b7ee4db56aefcabbe856c50bd3bb3fdcc63bce85f5e3983064d336ced3

sites.prh.com Open in urlscan Pro 2600:9000:25c8:fe00:10:6ab2:f640:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

93 %HTTPS

40 %IPv6

28 Domains

37 Subdomains

33 IPs

1 Countries

1313 kBTransfer

3839 kBSize

79 Cookies

7 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sites.prh.com Open in urlscan Pro
2600:9000:25c8:fe00:10:6ab2:f640:93a1 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

93 %
HTTPS

40 %
IPv6

28
Domains

37
Subdomains

33
IPs

1
Countries

1313 kB
Transfer

3839 kB
Size

79
Cookies

126 HTTP transactions
0 data transactions