www.kristv.com Open in urlscan Pro
13.226.159.82 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Submission: On March 21 via manual (March 21st 2021, 1:46:28 am UTC) from US

Summary HTTP 256 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 79 IPs in 11 countries across 75 domains to perform 256 HTTP transactions. The main IP is 13.226.159.82, located in United States and belongs to AMAZON-02, US. The main domain is www.kristv.com.
TLS certificate: Issued by Amazon on October 6th 2020. Valid for: a year.

This is the only time www.kristv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	13.226.159.82 13.226.159.82	16509 (AMAZON-02) (AMAZON-02)
6	13.226.159.114 13.226.159.114	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:4200:9:4c16:5180:21	16509 (AMAZON-02) (AMAZON-02)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
8	23.218.209.87 23.218.209.87	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	13.226.159.90 13.226.159.90	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:710... 2a02:26f0:7100:298::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:2200:d:77c3:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
15	23.218.209.154 23.218.209.154	16625 (AKAMAI-AS) (AKAMAI-AS)
4	13.226.158.204 13.226.158.204	16509 (AMAZON-02) (AMAZON-02)
2	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.159.89 13.226.159.89	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	184.30.25.193 184.30.25.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	151.101.14.137 151.101.14.137	54113 (FASTLY) (FASTLY)
1	3.8.225.221 3.8.225.221	16509 (AMAZON-02) (AMAZON-02)
2	13.226.159.22 13.226.159.22	16509 (AMAZON-02) (AMAZON-02)
1	185.59.220.197 185.59.220.197	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1 5	104.108.64.33 104.108.64.33	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:1200:10:618e:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
10	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:8e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd08:3437:aff5:50c:d298	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
8	18.190.13.23 18.190.13.23	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 1	206.189.254.17 206.189.254.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
8	167.172.1.14 167.172.1.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.162.133.148 178.162.133.148	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	23.218.208.200 23.218.208.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
2 7	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3 5	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	52.59.28.101 52.59.28.101	16509 (AMAZON-02) (AMAZON-02)
5 5	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2600:1f18:612... 2600:1f18:612b:4264:7659:1bf:d736:fba9	14618 (AMAZON-AES) (AMAZON-AES)
5 5	52.58.146.86 52.58.146.86	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
19	151.101.114.137 151.101.114.137	54113 (FASTLY) (FASTLY)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.167 213.155.156.167	1299 (TELIANET ...) (TELIANET Telia Carrier)
7	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	52.49.193.31 52.49.193.31	16509 (AMAZON-02) (AMAZON-02)
7 16	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 13	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	94.23.73.243 94.23.73.243	16276 (OVH) (OVH)
1	72.251.241.204 72.251.241.204	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3039::6815:c034	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 2	35.157.48.14 35.157.48.14	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
2 3	34.252.253.152 34.252.253.152	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
2 2	185.29.132.69 185.29.132.69	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	52.215.39.23 52.215.39.23	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	52.30.76.93 52.30.76.93	16509 (AMAZON-02) (AMAZON-02)
4	3.141.126.26 3.141.126.26	16509 (AMAZON-02) (AMAZON-02)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
2 2	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
1 1	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
256	79

6 13.226.159.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-82.dus51.r.cloudfront.net

www.kristv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.226.159.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-114.dus51.r.cloudfront.net

ewscripps.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4200:9:4c16:5180:21 (United States)

ASN16509 (AMAZON-02, US)

d25dfknw9ghxs6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.218.209.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-87.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-90.dus51.r.cloudfront.net

assets.scrippsdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:298::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:2200:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2s8wlbatk24s7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.218.209.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-154.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-89.dus51.r.cloudfront.net

yummy.consumable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.25.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-193.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.137 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.8.225.221 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-225-221.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-22.dus51.r.cloudfront.net

api.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.197 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-197.datapacket.com

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

4394967.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.108.64.33 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:1200:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:8e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.190.13.23 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-13-23.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.189.254.17 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 167.172.1.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.148 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1.go.sonobi.com

go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

gift-connect-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.218.208.246 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.87 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.59.28.101 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.0.31 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4264:7659:1bf:d736:fba9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pbs.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.58.146.86 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

includemodal.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.193.31 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.73.243 (Lisbon, Portugal) 1 redirects

ASN16276 (OVH, FR)

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c034 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.48.14 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.190 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.252.253.152 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.246 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.69 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.39.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.241 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.76.93 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.141.126.26 (Columbus, United States)

ASN16509 (AMAZON-02, US)

includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.151 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.122 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	doubleclick.net 8 redirects 4394967.fls.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	167 KB
30	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com lit.connatix.com vid.connatix.com img.connatix.com	378 KB
28	googlesyndication.com pagead2.googlesyndication.com 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com tpc.googlesyndication.com	804 KB
27	pubmatic.com 1 redirects ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com aud.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	49 KB
16	moatads.com sejs.moatads.com mb.moatads.com px.moatads.com z.moatads.com	372 KB
11	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com	99 KB
9	serverbid.com 1 redirects sync.serverbid.com e.serverbid.com	697 B
7	openx.net 2 redirects gift-connect-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
7	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	20 KB
6	yahoo.com 5 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	5 KB
6	typekit.net use.typekit.net p.typekit.net	123 KB
6	brightspotcdn.com ewscripps.brightspotcdn.com	463 KB
6	kristv.com www.kristv.com	402 KB
5	googletagservices.com www.googletagservices.com	171 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	casalemedia.com 3 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	5 KB
5	google.com adservice.google.com www.google.com	1 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	4 KB
5	google-analytics.com www.google-analytics.com	20 KB
4	includemodal.com includemodal.com	529 B
4	adform.net 4 redirects c1.adform.net	1 KB
4	fastly.net includemodal.global.ssl.fastly.net	42 KB
4	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	4 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	quantserve.com 2 redirects secure.quantserve.com pixel.quantserve.com	10 KB
4	amazon-adsystem.com c.amazon-adsystem.com	35 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	bidr.io 3 redirects match.prod.bidr.io	1 KB
3	advertising.com 3 redirects pixel.advertising.com	1 KB
3	cheqzone.com ob.cheqzone.com obs.cheqzone.com	22 KB
3	ewscloud.com api.ewscloud.com static.ewscloud.com	5 KB
3	fontawesome.com use.fontawesome.com	132 KB
3	cloudfront.net d25dfknw9ghxs6.cloudfront.net d2s8wlbatk24s7.cloudfront.net	64 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	745 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	724 B
2	scoota.co 2 redirects r.scoota.co	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	simpli.fi 1 redirects um.simpli.fi	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	994 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	tapad.com 1 redirects pixel.tapad.com	616 B
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	650 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com	1 KB
2	smartadserver.com 1 redirects rtb-csync.smartadserver.com ssbsync.smartadserver.com	619 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1023 B
2	tremorhub.com 1 redirects pbs.publishers.tremorhub.com	512 B
2	sonobi.com go.sonobi.com sync.go.sonobi.com	1 KB
2	google.de adservice.google.de	2 KB
2	facebook.net connect.facebook.net	63 KB
2	media.net contextual.media.net hblg.media.net	84 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	696 B
1	1rx.io 1 redirects sync.1rx.io	829 B
1	2mdn.net s0.2mdn.net	20 KB
1	gumgum.com 1 redirects rtb.gumgum.com	336 B
1	playground.xyz 1 redirects ads.playground.xyz	486 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	turn.com 1 redirects ad.turn.com	518 B
1	zeotap.com mwzeom.zeotap.com	596 B
1	contextweb.com 1 redirects bh.contextweb.com	461 B
1	ad4m.at ad4m.at	1 KB
1	adgrx.com cm.adgrx.com	408 B
1	erne.co 1 redirects green.erne.co	325 B
1	criteo.com dis.criteo.com	284 B
1	emxdgt.com cs.emxdgt.com
1	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com	5 KB
1	quantcount.com rules.quantcount.com	1 KB
1	consumable.com yummy.consumable.com	22 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	scrippsdigital.com assets.scrippsdigital.com	4 KB
1	skimresources.com s.skimresources.com
0	wbtrk.net Failed um.wbtrk.net Failed
256	75

	Domain	Requested by
16	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com www.kristv.com gift-connect-d.openx.net
13	simage2.pubmatic.com	1 redirects image6.pubmatic.com ads.pubmatic.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com d25dfknw9ghxs6.cloudfront.net
12	vid.connatix.com	cd.connatix.com www.kristv.com
11	px.moatads.com	www.kristv.com
10	securepubads.g.doubleclick.net	www.kristv.com securepubads.g.doubleclick.net d25dfknw9ghxs6.cloudfront.net www.googletagservices.com
8	e.serverbid.com	d25dfknw9ghxs6.cloudfront.net www.kristv.com ads.pubmatic.com gift-connect-d.openx.net
8	capi.connatix.com	cd.connatix.com
7	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
7	widgets.outbrain.com	www.kristv.com widgets.outbrain.com
6	img.connatix.com	www.kristv.com
6	ewscripps.brightspotcdn.com	www.kristv.com
6	www.kristv.com	www.kristv.com ewscripps.brightspotcdn.com
5	www.googletagservices.com	securepubads.g.doubleclick.net 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
5	x.bidswitch.net	5 redirects
5	ups.analytics.yahoo.com	5 redirects
5	log.outbrainimg.com	d25dfknw9ghxs6.cloudfront.net widgets.outbrain.com
5	sb.scorecardresearch.com	1 redirects www.kristv.com widgets.outbrain.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.kristv.com
5	use.typekit.net	ewscripps.brightspotcdn.com use.typekit.net
4	includemodal.com	www.kristv.com 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
4	c1.adform.net	4 redirects
4	includemodal.global.ssl.fastly.net	securepubads.g.doubleclick.net 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
4	c.amazon-adsystem.com	www.kristv.com d25dfknw9ghxs6.cloudfront.net
3	eu-u.openx.net	1 redirects gift-connect-d.openx.net
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	match.adsrvr.org	2 redirects gift-connect-d.openx.net
3	match.prod.bidr.io	3 redirects
3	www.google.com	securepubads.g.doubleclick.net 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
3	z.moatads.com	securepubads.g.doubleclick.net
3	pixel.advertising.com	3 redirects
3	ib.adnxs.com	3 redirects
3	ads.pubmatic.com	sync.serverbid.com ads.pubmatic.com
3	pixel.quantserve.com	2 redirects www.kristv.com
3	stats.g.doubleclick.net	d25dfknw9ghxs6.cloudfront.net
3	use.fontawesome.com	www.kristv.com use.fontawesome.com
2	us-u.openx.net	gift-connect-d.openx.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com www.kristv.com
2	pixel-sync.sitescout.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	r.scoota.co	2 redirects
2	sync.mathtag.com	2 redirects
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	pm.w55c.net	2 redirects
2	pixel.tapad.com	1 redirects image6.pubmatic.com
2	dsp.adfarm1.adition.com	2 redirects
2	d5p.de17a.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	pbs.publishers.tremorhub.com	1 redirects www.kristv.com
2	ssum-sec.casalemedia.com	2 redirects
2	gift-connect-d.openx.net	1 redirects sync.serverbid.com
2	eus.rubiconproject.com	sync.serverbid.com eus.rubiconproject.com
2	3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.de	adservice.google.com securepubads.g.doubleclick.net
2	adservice.google.com	4394967.fls.doubleclick.net securepubads.g.doubleclick.net
2	obs.cheqzone.com	ob.cheqzone.com www.kristv.com
2	4394967.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	api.ewscloud.com	ewscripps.brightspotcdn.com
2	cds.connatix.com	www.kristv.com cd.connatix.com
2	connect.facebook.net	www.kristv.com connect.facebook.net
2	d2s8wlbatk24s7.cloudfront.net	d25dfknw9ghxs6.cloudfront.net includemodal.global.ssl.fastly.net
1	simage4.pubmatic.com	ads.pubmatic.com
1	ssbsync.smartadserver.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	s0.2mdn.net	3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
1	rtb.gumgum.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	match.taboola.com	image6.pubmatic.com
1	trc.taboola.com	1 redirects
1	bh.contextweb.com	1 redirects
1	ad4m.at	image6.pubmatic.com
1	s.tribalfusion.com	image6.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cm.adgrx.com	image6.pubmatic.com
1	green.erne.co	1 redirects
1	rtb-csync.smartadserver.com	image6.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	lit.connatix.com	cd.connatix.com
1	sync.go.sonobi.com	www.kristv.com
1	cs.emxdgt.com	sync.serverbid.com
1	go.sonobi.com	sync.serverbid.com
1	secure-assets.rubiconproject.com	1 redirects
1	mv.outbrain.com	widgets.outbrain.com
1	images.outbrainimg.com	www.kristv.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	odb.outbrain.com	widgets.outbrain.com
1	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	www.kristv.com
1	sync.serverbid.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	static.ewscloud.com	www.kristv.com
1	secure.quantserve.com	www.kristv.com
1	ob.cheqzone.com	widgets.outbrain.com
1	hblg.media.net	www.kristv.com
1	mb.moatads.com	sejs.moatads.com
1	cd.connatix.com	1 redirects
1	widget-pixels.outbrain.com	www.kristv.com
1	tcheck.outbrainimg.com	d25dfknw9ghxs6.cloudfront.net
1	yummy.consumable.com	www.kristv.com
1	contextual.media.net	www.kristv.com
1	sejs.moatads.com	www.kristv.com
1	www.googletagmanager.com	www.kristv.com
1	p.typekit.net	use.typekit.net
1	assets.scrippsdigital.com	www.kristv.com
1	s.skimresources.com	www.kristv.com
1	d25dfknw9ghxs6.cloudfront.net	www.kristv.com
0	um.wbtrk.net Failed	3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
256	121

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.yourcwtv.com
scripps.com
telemundocc.com
scripps.wd5.myworkdayjobs.com
twitter.com
urldefense.proofpoint.com
x-default-stgec.uplynk.com
www.outbrain.com
www.dontwasteyourmoney.com
support.kristv.com
assets.scrippsdigital.com
publicfiles.fcc.gov
www.instagram.com

Subject Issuer	Validity	Valid
*.scrippsnationalnews.com Amazon	`2020-10-06` - `2021-11-05`	a year	crt.sh
ewscripps.brightspotcdn.com Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2020-09-10` - `2021-10-12`	a year	crt.sh
*.scrippsdigital.com Amazon	`2020-09-04` - `2021-10-06`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.consumable.com Amazon	`2020-09-23` - `2021-10-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.ewscloud.com DigiCert SHA2 Secure Server CA	`2019-08-02` - `2021-10-13`	2 years	crt.sh
ob.cheqzone.com R3	`2021-03-10` - `2021-06-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
obs.cheqzone.com R3	`2021-02-14` - `2021-05-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-04-14`	a year	crt.sh
e.serverbid.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
includemodal.com Amazon	`2020-11-15` - `2021-12-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh

This page contains 34 frames:

Primary Page: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Frame ID: 2B15F1C112936CE9A31FB29D2F519426
Requests: 121 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: D7C9C48B03CA6F9ABF88EFD18E0ACF99
Requests: 2 HTTP requests in this frame

Frame: https://cds.connatix.com/p/108993/connatix.playspace.dc.js
Frame ID: 4A2D6B235F1B93CD538C22ABC61AE751
Requests: 11 HTTP requests in this frame

Frame: https://4394967.fls.doubleclick.net/activityi;dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds
Frame ID: 98E9A1665999A5B805A1C165E63D85D9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds
Frame ID: A0C12C9E3AD5C63A6EB7114E0A7874C1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds
Frame ID: F3E23F30391E0F335A7692E42BFCC7D9
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 5505568E95E74C5E5C6C1B2E82C2D42F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: CB8DAD5F25ACA6154955274D210042FE
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: 2343CC4AF70F99696B0866716020DC36
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 510D4B9849C09603E8A19B6529FEC7D5
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: D155047E7B04DD1D6BCECC592E9EC1DD
Requests: 1 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: B55B85B9D1B6A87322E0CA34E3A2DC26
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9431701D2A1985F1F986FC0A36424D9D
Requests: 25 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 4BCD9E6BB580ADC5B2B495783855194C
Requests: 10 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 3935D77096799C34EA24CF7D03486DA9
Requests: 10 HTTP requests in this frame

Frame: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 1B32BEDDA42A9D69F830A7FE6EC150FE
Requests: 18 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 7EA21AADF271AB2F0431FF539EF269AD
Requests: 11 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7905935615319457315
Frame ID: 835134F38F893263BD7AC304ABB15CE0
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2A2454B2C22FE050F45BF63D1E84A835
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir
Frame ID: 897FDBAE8CB6CBC18E6A256E3B9302A8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941917685906012309
Frame ID: F83BE8F7BB388969B028C3354DCC50D1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=PvgSlbgaupAbEUfafC2bWgYK
Frame ID: 0609D2D04E15C7846025DEE56D0FAA9A
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F5735444F5EBF96510F9E708AD39B324
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E2FFE7C6394B934A075ABD896C988790
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 05E4020EED6F6281F427822E01398EEF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=zBi3tuFlPUoi&pid=557219
Frame ID: 86F90AA38032B9323F31355B62F90609
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1151c9e1-915b-4415-acc0-88f537542152-tuct7502ade&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: FD5AE171FC367D4E4E237A3A9B6BD61D
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: D5CF5E48578DE8D388E4E821F8D7EA0A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Erw6rgFm1LnNam5&gdpr=0&gdpr_consent=
Frame ID: DD5DC431A2CEAABBAD0391E4C8EEC0F4
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=400BB623-F7FC-4DE3-A113-A57AD83AF8AC
Frame ID: 67387DDAB8E03183DE208B7CE84C34BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhj69uyVATAB&v=APEucNVMg4aKPGOmYdVAapSbY1IZNymh0vbkeek2gn56fO0ZOiU1Ba_PkRKDU-Q1jP98975MMAmybwD6KJ0KCNuE7thgmh0nEvK-wMiLOy-D7KssXyEMzoo62SVAJPyGO32ETIiWqVMgJSuepKE0Ym5QkJ8QsBDHx-f2Vppfg0U19b31ESBgbHcmMrnALDJPxZMTyFBfrYT8exSI-xQHXuxjp9ThPX9oPA
Frame ID: D2E8FF49719E812AB7F049EA5A853BA8
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 78CECE2D8B21C21B9CC86F4973565AE2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9EB236CB13FF53B5F2C6331BA86DD673
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 66BACF3E33CBA769A7C3ED33226A23D1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Apache Tomcat (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

256
Requests

100 %
HTTPS

28 %
IPv6

75
Domains

121
Subdomains

79
IPs

11
Countries

3637 kB
Transfer

9861 kB
Size

5
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/KRISFridayNightFever
Title: FNF on Facebook

Search URL Search Domain Scan URL

URL: https://www.yourcwtv.com/partners/corpuschristi/index.php
Title: The CW South Texas

Search URL Search Domain Scan URL

URL: https://scripps.com/careers/find-a-job/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://telemundocc.com/
Title: Telemundo Corpus Christi

Search URL Search Domain Scan URL

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=606179106552522&display=popup&href=https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds&text=Banks%20starting%20to%20release%20stimulus%20funds
Title: Tweet

Search URL Search Domain Scan URL

URL: https://urldefense.proofpoint.com/v2/url?u=https-3A__lnks.gd_l_eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMjcsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMTAzMTIuMzY5MjEwMzEiLCJ1cmwiOiJodHRwczovL3d3dy5pcnMuZ292L2Nvcm9uYXZpcnVzL2dldC1teS1wYXltZW50In0.O-5FS-5F6da-5F7wESAtY5xC-2DTAjuj-5FK5g918m-5FxmFJ40-2DQH0_s_779162647_br_99869017389-2Dl&d=DwMFAA&c=aLv4kG3eFBuAUFgZFQ07JQ&r=g-R9s1qMSMD8zsW8W0Vb5DzbFPjlK-UeslVsoWi5rx8&m=KkR6S3cX4I-qUD4QudL3DN3OhSFm_rCLLp_EauUWqLM&s=_LNcxsxJN08hkhyp6UMZD60MZCUHs0MXfrd8Hs61MBI&e=
Title: website.

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/92b/45becd2ce5fa40e4a2a753f09e2a520d/92beb5e81a87401cb3913f1ccf0eead6/92beb5e81a87401cb3913f1ccf0eead6_g.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/0b9/45becd2ce5fa40e4a2a753f09e2a520d/0b90fd201aaf4daca095cf6cc6ef3147/0b90fd201aaf4daca095cf6cc6ef3147_g.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/2e1/45becd2ce5fa40e4a2a753f09e2a520d/2e120625a92143c4ab862b56fc8f974f/2e120625a92143c4ab862b56fc8f974f_g.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/0b0/45becd2ce5fa40e4a2a753f09e2a520d/0b01c3e77e1a4580b711b6f8d8b01181/0b01c3e77e1a4580b711b6f8d8b01181_g.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/2df/45becd2ce5fa40e4a2a753f09e2a520d/2dfb949098a84b8db382ca00cc1addd0/2dfb949098a84b8db382ca00cc1addd0_g.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/86f/45becd2ce5fa40e4a2a753f09e2a520d/86fc238b551c4e439bb85fcd86119a1e/86fc238b551c4e439bb85fcd86119a1e_g.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: http://twitter.com/jjboggs
Title: on Twitter @jjboggs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/justinboggswrites
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://www.dontwasteyourmoney.com/
Title: Don't Waste Your Money

Search URL Search Domain Scan URL

URL: http://support.kristv.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://assets.scrippsdigital.com/docs/journalism-ethics-guidelines.pdf
Title: Journalism Ethics Guidelines

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kris
Title: FCC Public File

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KRIS6News
Title: KRIS6News

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kris6news/
Title: kris6news

Search URL Search Domain Scan URL

URL: https://twitter.com/KRIS6News
Title: KRIS6News

Search URL Search Domain Scan URL

URL: https://scripps.com/our-brands/local-media/
Title: Scripps Local Media

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/108993/connatix.playspace.dc.js

Request Chain 44

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds HTTP 302
https://4394967.fls.doubleclick.net/activityi;dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds

Request Chain 59

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1616291162628&ns_c=UTF-8&cv=3.5&c8=Banks%20starting%20to%20release%20stimulus%20funds&c7=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1616291162628&ns_c=UTF-8&cv=3.5&c8=Banks%20starting%20to%20release%20stimulus%20funds&c7=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&c9=&cs_ak_ss=1

Request Chain 67

https://sync.serverbid.com/ss/2000248.js HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js

Request Chain 91

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 95

https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D HTTP 302
https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D

Request Chain 96

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YFalW7VstVgEp9oo4gDoVAAA%261189

Request Chain 97

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fe.serverbid.com%252Fudb%252F9969%252Fsync%252Fi.gif%253FpartnerId%253D28%2526userId%253D%2524UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=8631068722566386833

Request Chain 98

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP31e788f7-89e7-11eb-acbd-024d99c14610 HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP31e788f7-89e7-11eb-acbd-024d99c14610&verify=true HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP31e788f7-89e7-11eb-acbd-024d99c14610

Request Chain 100

https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D HTTP 302
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D

Request Chain 101

https://x.bidswitch.net/sync?ssp=consumable HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=consumable HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=f9420e52-1b13-5250-9e37-2e81fe618bda&ssp=consumable&expires=30&user_group=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=304d95a2-0b97-499a-9611-e1c3b4cfdf1d

Request Chain 147

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7905935615319457315

Request Chain 149

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIQzAwN0FyVXNBQUJKUzhYd2Nhdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir

Request Chain 150

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941917685906012309

Request Chain 151

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=PvgSlbgaupAbEUfafC2bWgYK

Request Chain 153

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 155

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=zBi3tuFlPUoi&pid=557219

Request Chain 156

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1151c9e1-915b-4415-acc0-88f537542152-tuct7502ade&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 157

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 158

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Erw6rgFm1LnNam5&gdpr=0&gdpr_consent=

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QAu2I_f8TeOhE6V62Dr4rA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 162

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 163

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&addseg=19,36,42

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDAwQkI2MjMtRjdGQy00REUzLUExMTMtQTU3QUQ4M0FGOEFD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOj1bTO0Lp1FvNlo9RyGnVU&google_cver=1

Request Chain 167

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fe3b101-81d5-4829-91e9-5d4dd1d60d21

Request Chain 168

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1134697904403359013

Request Chain 169

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&gdpr=0&gdpr_consent=

Request Chain 170

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8631068722566386833&gdpr=0&gdpr_consent=

Request Chain 171

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4604dd2c-6002-4660-ac78-97a26dbe2508&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=304d95a2-0b97-499a-9611-e1c3b4cfdf1d&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 173

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AZnjvyVE2uX1FDMpU6Zc0bTh7elPOBw-~A&gdpr=0&gdpr_consent=

Request Chain 174

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo

Request Chain 175

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YFalXAAAAIWpWVLS HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFalXAAAAIWpWVLS&gdpr=0&gdpr_consent=&_test=YFalXAAAAIWpWVLS

Request Chain 176

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8774347960990643334&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 177

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:76cb84bf-68be-4072-a0af-0fe2fe2b95bd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 178

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 180

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8631068722566386833

Request Chain 181

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c2207f13-313a-4eb3-aa49-ac05b9f9bb48

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNbsJsUDpxxZ8m5NANHfwo&google_cver=1

Request Chain 209

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFalW7VstVgEp9oo4gDoVAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNbsJsUDpxxZ8m5NANHfwo&google_cver=1

Request Chain 219

https://um.simpli.fi/gp_match?google_gid=CAESEONirKvVsezdkWTPK7KPrZw&google_cver=1&google_push=AQvitUJet824E7WREf91rKQxVtRpa4_aDpcOlagB7sPkl7hvs7aZIGVse98S7xITVj5LqWSYM17oIPl90YHTpkyfG1BU0SaNKZ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=100B8B7951354F8183F57A45FEC957DA&google_push=AQvitUJet824E7WREf91rKQxVtRpa4_aDpcOlagB7sPkl7hvs7aZIGVse98S7xITVj5LqWSYM17oIPl90YHTpkyfG1BU0SaNKZ8

Request Chain 220

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEMVUeEJLTs0t1gBlViZqMgo&google_cver=1&google_push=AQvitUKZPUIU9L1yJ8Hk-rEJu6SSF_oXJ3dsF5JSrBV8BOReYy_3wv_ZdMjT3afW1SmgilLNXm9Bjmp1_--7HKfmr3mkHYC2enM HTTP 302
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUKZPUIU9L1yJ8Hk-rEJu6SSF_oXJ3dsF5JSrBV8BOReYy_3wv_ZdMjT3afW1SmgilLNXm9Bjmp1_--7HKfmr3mkHYC2enM&google_sc&google_hm=EBAQEA

Request Chain 221

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEkzXmtqQhD69IDZfAWznJY&google_cver=1&google_push=AQvitUIA3oL5rKaDkQMjAkoPUokk7oeP1hh4dqIqPl4m2ryu4jjZpVQFAyk3WEAHggeTxLGiOJ1lFUxIrCI6HKeoSWdPyVBwww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0MTkxNzY4NTkwNjAxMjMwOQ%3D%3D&google_push=AQvitUIA3oL5rKaDkQMjAkoPUokk7oeP1hh4dqIqPl4m2ryu4jjZpVQFAyk3WEAHggeTxLGiOJ1lFUxIrCI6HKeoSWdPyVBwww

Request Chain 223

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFZuvwNVtKC8LYHYYJzg8DM&google_cver=1&google_push=AQvitUKUP4TXB9w6BI0Wv5xHZH9cFGalCkoJrMjMqVWGBIAZuroOu7WxVrk2yk1G1EpMdPcujtDw1YQJ3OHh2qNiPeTjRZW8wsE HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8776ac06-fc5e-4542-a816-48aa12c41222-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUKUP4TXB9w6BI0Wv5xHZH9cFGalCkoJrMjMqVWGBIAZuroOu7WxVrk2yk1G1EpMdPcujtDw1YQJ3OHh2qNiPeTjRZW8wsE%26google_hm%3DA4d2rAb8XkVCqBZIqhLEEiI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKUP4TXB9w6BI0Wv5xHZH9cFGalCkoJrMjMqVWGBIAZuroOu7WxVrk2yk1G1EpMdPcujtDw1YQJ3OHh2qNiPeTjRZW8wsE&google_hm=A4d2rAb8XkVCqBZIqhLEEiI

Request Chain 224

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENopY87q59URCJeYZtCaDGI&google_cver=1&google_push=AQvitUL-sXAhey1lZIX-8mHuSVddNQ6rvmWvTGY_5qMNq1oHUBC0vLlxMB1sb8jzGN6DpNcWvpsP0XuW6_ZFJ1FZUu7fmsNBo7I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUL-sXAhey1lZIX-8mHuSVddNQ6rvmWvTGY_5qMNq1oHUBC0vLlxMB1sb8jzGN6DpNcWvpsP0XuW6_ZFJ1FZUu7fmsNBo7I&google_hm=MzYwMjEzMzM1NzAwMzUwODQxMQ%3D%3D

Request Chain 225

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPIflaCumShNi2cqvwi-qJk&google_cver=1&google_push=AQvitUJkwovAkTqyIsFwhRo2dGPFm5pMnnZGBefB7BKrygZJHL2cvx3ShEODcu9_H2Hdy7Fz_vpl_52yTskN23SGVC9n1bnYc6A HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPIflaCumShNi2cqvwi-qJk&google_cver=1&google_push=AQvitUJkwovAkTqyIsFwhRo2dGPFm5pMnnZGBefB7BKrygZJHL2cvx3ShEODcu9_H2Hdy7Fz_vpl_52yTskN23SGVC9n1bnYc6A&apid=UP31e788f7-89e7-11eb-acbd-024d99c14610 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAzMWU3ODhmNy04OWU3LTExZWItYWNiZC0wMjRkOTljMTQ2MTA%3D&google_push=AQvitUJkwovAkTqyIsFwhRo2dGPFm5pMnnZGBefB7BKrygZJHL2cvx3ShEODcu9_H2Hdy7Fz_vpl_52yTskN23SGVC9n1bnYc6A

Request Chain 233

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f3786056-a55d-4700-8abf-737ebec89590

Request Chain 234

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1r9e54G6XrDN7Fq32LxG4IS3DbPNuVrg1rd1-DeA

Request Chain 235

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2858789802235421228 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2858789802235421228

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAHQK0ARSzzWyjxIlmRwBdo&google_cver=1

256 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set banks-starting-to-release-stimulus-funds Show response
www.kristv.com/news/national/ 236 KB
64 KB 273ms
210ms Document
text/html 13.226.159.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-82.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: 480ba854183383c44508f6be2ab0fb2b3d0031353f007c891ef08d75b4a78477

Request headers

Host: www.kristv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=240
Content-Encoding: gzip
Date: Sun, 21 Mar 2021 01:46:01 GMT
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=1F6914009F198EB02BB717C631FD7E7C; Path=/; HttpOnly
X-Powered-By: Brightspot
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: nNu9wLlp5fenU8fRbB8yBNeN2-ZIgf4FCpdNUFYzd6QP7wDhN0Ewcw==

GET
H/1.1 200
OK All.min.93b839e1dcdb89d879de3df59fe7282f.gz.css
ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/ 154 KB
25 KB 43ms
13ms Stylesheet
text/css 13.226.159.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.93b839e1dcdb89d879de3df59fe7282f.gz.css
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-114.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f46919e25daae9d5f04e8d397e6ba3be2b891684ea77ca9f076bacca9d207ec

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 16:07:38 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 09 Mar 2021 16:07:37 GMT
Server: AmazonS3
Age: 985105
ETag: "4b179736be097b99579f9216bdae6b52"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 25234
X-Amz-Cf-Id: MzjHRnAtA1Lyg3KZdEH7P3WQW5qYb89efvghKpnanuYfjssk6MFQSA==

GET
H2 200 scsp.js Show response
d25dfknw9ghxs6.cloudfront.net/ 134 KB
34 KB 44ms
7ms Script
application/javascript 2600:9000:20eb:4200:9:4c16:5180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4200:9:4c16:5180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f94366efc6314725e16b4002b1e6903913b1f6d9f5757aec611205dcd0db3596

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: D6d3wRZSpYd2caAk52T_Z3UgQuNzycNf
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 20:14:21 GMT
server: AmazonS3
age: 35904
etag: W/"1315a3807c809bf51bb6f25ee163a270"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
date: Sat, 20 Mar 2021 15:47:39 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: TdgxeNU8aSHofkUYo1O3m2qDxvS01iRdKwd_ng-mt3wfpvOMCN8GIQ==

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
11 KB 21ms
7ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Origin: https://www.kristv.com
Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
content-encoding: gzip
last-modified: Wed, 20 Jun 2018 20:19:16 GMT
server: NetDNA-cache/2.2
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/271a5d6/2147483647/strip/true/crop/400x133+0+0/resize/400x133!/quality/90/ 31 KB
31 KB 15ms
15ms Image
image/png 13.226.159.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/271a5d6/2147483647/strip/true/crop/400x133+0+0/resize/400x133!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F77%2Fa3%2F60cf22814cc99ea6b2bd5c06711a%2Fkris-logo.png
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-114.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: c68673bcb163c2e9061587dc14a6288617bb2655078a1c04e7eb75711da010ab

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 06:21:41 GMT
Via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 3871461
ETag: 8686afbe674adff1cfcdb7f43c5bb3be
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
Content-Length: 31310
X-Amz-Cf-Id: oF3V0b_FzL0siG-VZS5zIB2zHv4d4dERTgI3O8Ub4QIr_D8y-sjWAw==
Expires: Fri, 04 Feb 2022 06:21:41 GMT

GET
H/1.1 200
OK Blank.gif
www.kristv.com/styleguide/assets/ 57 B
474 B 15ms
15ms Image
image/gif 13.226.159.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kristv.com/styleguide/assets/Blank.gif
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-82.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

Referer: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 06:56:48 GMT
Via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache-Coyote/1.1
Age: 3178154
X-Cache: Hit from cloudfront
Content-Type: image/gif;charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 57
X-Amz-Cf-Id: O1rpKhEOBcBtNstBTVrkrQbFOtHDAjmk4jW9jtohr_QtmuaDQG1StQ==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 168 KB
56 KB 24ms
7ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c15727daac3b0139529330f2a7a99095fa93a8f7341a75b937ac93f04bb87341

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
content-encoding: gzip
edge-cache-tag: widget-cheetah
cookie: CheetahStaging=true
x-traceid: 680a21d574e44c50b0ae8b4817b19bf4
content-length: 57062
last-modified: Tue, 16 Mar 2021 14:27:22 GMT
etag: W/"29f28-Fn8ZJ8Pp7yjE7XsrnLpL1aRVU3I"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
timing-allow-origin: *, *
expires: Sun, 21 Mar 2021 05:46:02 GMT

GET
H2 404 .skimlinks.js
s.skimresources.com/js/ 0
0 175ms
155ms Script
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/.skimlinks.js
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK logo-scripps.png
assets.scrippsdigital.com/cms/images/ 3 KB
4 KB 84ms
13ms Image
image/png 13.226.159.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via: 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Oct 2017 14:04:11 GMT
Server: AmazonS3
Age: 106561
ETag: "f46791d665054bf21da09492d448e1d2"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Sat, 20 Mar 2021 08:22:05 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 3532
X-Amz-Cf-Id: SsampZYt3JKuIFVjXT-K5nPwGJXppg0KxarL26Dhy5lOxq_febDY5A==

GET
H/1.1 200
OK All.min.a63cd259008c90923851e9c737c245fd.gz.js Show response
ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/ 1 MB
107 KB 15ms
13ms Script
text/javascript 13.226.159.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-114.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1929f586066f2a140caac813d7b3008df5c3ef8b63fdefcea04a8934ccb8e555

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 16:07:39 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 09 Mar 2021 16:07:38 GMT
Server: AmazonS3
Age: 985104
ETag: "a8e263a064082fa389476e628e34258e"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 109249
X-Amz-Cf-Id: J55XBUlMBKL3m2ocETOI139vp9viSqpBM1B89g4c85B6jCWo0thNWA==

GET
H2 200 tsu4adm.css
use.typekit.net/ 18 KB
2 KB 42ms
10ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tsu4adm.css

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.93b839e1dcdb89d879de3df59fe7282f.gz.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

373230acfd98e6e8704812d39c2288ce9ca1d1a20c2884586b16f3ea3e4774cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://ewscripps.brightspotcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sun, 21 Mar 2021 01:46:02 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1657

GET
H2 200 p.css
p.typekit.net/ 5 B
149 B 21ms
6ms Stylesheet
text/css 2a02:26f0:7100:298::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:298::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
last-modified: Wed, 02 Sep 2020 04:03:39 GMT
server: nginx
etag: "5f4f199b-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
35 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-552B4Z4

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9e1107b72b069b4ca7dded7c66e7e3b0f7ddff248603a4520a213e7b133cd26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35540
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Mar 2021 01:46:02 GMT

GET
H2 200 ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ 44 KB
15 KB 42ms
6ms XHR
application/javascript 2600:9000:21f3:2200:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ab4562ae39fd46d0dcee10f45dedcc035d27c453587f849bd605014a1304f082

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 00:09:16 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 5806
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: *
x-amz-cf-id: 89y5-P5tP70QpNyYM_ju59irUnpbFHwYkujQivTfj1P7HAAA3Q1HMg==
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/ 195 KB
69 KB 37ms
19ms Script
application/x-javascript 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e27b395dd390b36ff73915d6736d8c30721b8f2c88d69bbfe7d9baba127bd0a7

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:02 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: 5D26FB86FBCDFE90
ETag: "bf99df8799c52d25f9335eccaa199ccd"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=24103
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: NoTi/ES4Okxu83RA1eZoUmRqn9yxEqEH3g7CsGJFPa/gOAGeIYXy2EbZDohYhexFKE0xssjjEMM=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 61ms
29ms Script
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:41:25 GMT
content-encoding: gzip
server: Server
age: 276
etag: d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id: W7yIzKAW2Jsj_JtfIksarfSUzMe1H6pb4P0GYqBYxuEBaGvJM84pTw==

GET
H2 200 bidexchange.js Show response
contextual.media.net/ 407 KB
84 KB 66ms
46ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/bidexchange.js?cid=8CU6Q6626&dn=www.kristv.com&version=4.1&https=1

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0bc1bcd3d0a249c0cdeaecc33aff3538b3b95aa14a35efcdf3a8ebc4eee40063

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Sun, 21 Mar 2021 01:46:02 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Sun, 21 Mar 2021 02:16:02 GMT

GET
H2 200 consumable-cdn.js Show response
yummy.consumable.com/standalone/ 83 KB
22 KB 63ms
21ms Script
application/javascript 13.226.159.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/standalone/consumable-cdn.js
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-89.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8d2551c545c7556a6abf32ece25d1b8e12c1d31964919fb5a3b73e3ca0c67c4

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
content-encoding: gzip
last-modified: Thu, 18 Apr 2019 13:41:28 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"c70b09cf7daf3f6e63265fcf7dce428b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
x-amz-cf-id: KM9ENiK4fCfaBBxjClFfHXBmnQf186hB7LWcLLJsIiuGpj2MadN7YQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

adea24151041edd1b5e77977b0cfb9229fb31ea317daae43a1cf568ed4d20c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: qzPj1xUHXBgE6+vM9oamew==
cross-origin-resource-policy: cross-origin
expires: Sun, 21 Mar 2021 01:50:53 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: Whvioe4CEcpziW+3tA+RHP52IjXweDvshNSTHJt6j4LG3TEHMJhsLHg2smp+IzbvOx5bZUwJ0Avzj7LJtUTH+g==
x-fb-trip-id: 2065797240
x-fb-content-md5: 7a68238034cb683385ab7d3e35f9a027
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 21 Mar 2021 01:46:02 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "47a2ea8da351c81dd32989024cf5ac9f"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 l
use.typekit.net/af/d82519/00000000000000003b9b306a/27/ 20 KB
20 KB 45ms
14ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d82519/00000000000000003b9b306a/27/l?subset_id=2&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 90bf686f30e8bfcc224e5af0495606f031d6d5970a5701f45fc94951b2fae966

Request headers

Origin: https://www.kristv.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
server: nginx
etag: "fd8402d37106f684ec19a13afdcc4e7f3508fe4c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20356

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 10ms
8ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Origin: https://www.kristv.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
last-modified: Wed, 20 Jun 2018 20:19:36 GMT
server: NetDNA-cache/2.2
etag: "18d2347ab2a9f40ca2247cdb03303d84"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 59572

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 33 KB
33 KB 44ms
14ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee

Request headers

Origin: https://www.kristv.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
server: nginx
etag: "79fea02668402fc378c129193093131a2db2577c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33568

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 34 KB
34 KB 38ms
9ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8

Request headers

Origin: https://www.kristv.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
server: nginx
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 34344

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
62 KB 18ms
17ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Origin: https://www.kristv.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
last-modified: Wed, 20 Jun 2018 20:19:30 GMT
server: NetDNA-cache/2.2
etag: "f319eac1c755f9929fd856720ce1695e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 63376

GET
H2 200 l
use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/ 34 KB
35 KB 38ms
10ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f685d36f3f62589ffc7cb9633a82850958978f8803780ece24c613ca6f8cf563

Request headers

Origin: https://www.kristv.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
server: nginx
etag: "d9c559430b0162ff50e16cf6dad5514fa963f9ff"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35116

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame D7C9 416 B
816 B 7ms
7ms Document
text/html 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kristv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kristv.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1615905785.764688"
last-modified: Tue, 16 Mar 2021 14:26:49 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Sun, 21 Mar 2021 01:46:02 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1616291162~rv=18~id=0fd2e3555056f24afbb5344f28f7c2db; path=/; Expires=Sun, 21 Mar 2021 01:46:02 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LmtyaXN0di5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 23ms
7ms XHR
application/json 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmtyaXN0di5jb20=
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:02 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=14729
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: df00b70b6bd279f2e22987e7725c1420
Content-Length: 15
Expires: Sun, 21 Mar 2021 05:51:31 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
468 B 9ms
7ms Image
image/gif 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=10.206157268138126
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Tue, 20 Apr 2021 01:46:02 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/108993/ Frame 4A2D
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/108993/connatix.playspace.dc.js

1 MB
222 KB

15ms
14ms

Script
application/javascript

151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/108993/connatix.playspace.dc.js
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8660aee083a5dbfdf7dd59c529c411bf60bf5d076903af961df89543bd379871

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PJOeNVH5t2dw.MMehQI2Js.ml6MZlKYv
via: 1.1 varnish, 1.1 varnish
etag: "dc50d840f367077ff2696c6a38937a9a"
age: 120597
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: br
content-length: 226968
x-served-by: cache-dca17760-DCA, cache-fra19177-FRA
last-modified: Fri, 19 Mar 2021 12:09:52 GMT
x-timer: S1616291162.472157,VS0,VE0
date: Sun, 21 Mar 2021 01:46:02 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 442

Redirect headers

date: Sun, 21 Mar 2021 01:46:02 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-served-by: cache-fra19177-FRA
x-cache: HIT
location: https://cds.connatix.com/p/108993/connatix.playspace.dc.js
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1616291162.342096,VS0,VE1
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/a6a0a21/2147483647/strip/true/crop/3511x1975+0+66/resize/1280x720!/quality/90/ 121 KB
121 KB 34ms
33ms Image
image/jpeg 13.226.159.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/a6a0a21/2147483647/strip/true/crop/3511x1975+0+66/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F8d%2Fb5%2Fd1e853074b28b03abcedeedad5bc%2Fap-20129013117084.jpg
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-114.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 9d5a3e22d4ed63d2a467e86d1b97024abd30d69595a9d0d7503ac6648c34d6fe

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 23:35:57 GMT
Via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 353404
ETag: e2e932f8bd18441fcf25cbc52fa98236
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
Content-Length: 123696
X-Amz-Cf-Id: HxagfSJX6CYmkZEf2L7QOP0gs3QSi0wA-G0EtXXfWxQWCs8husCKww==
Expires: Wed, 16 Mar 2022 23:35:58 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/190680c/2147483647/strip/true/crop/400x400+0+0/resize/300x300!/quality/90/ 12 KB
13 KB 49ms
13ms Image
image/jpeg 13.226.159.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/190680c/2147483647/strip/true/crop/400x400+0+0/resize/300x300!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F7c%2F10%2F06f7c2c74400b2bb2fc0a30b078d%2Fjboggs.jpg
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-114.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: e62c9e8a6da7f44d8c4d20b99bca55913130e0557ba1a21f3b0fbcbc9bab03b7

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 06:25:27 GMT
Via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 3180035
ETag: 77c452c565aa1acecc49ba39f7c0879e
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
Content-Length: 12647
X-Amz-Cf-Id: 6aKpMryrdRM-qhi6ywdefQZbG63JbJVO_vAPtuzpTUt6-1swh8rpFA==
Expires: Sat, 12 Feb 2022 06:25:27 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/ea6ec0f/2147483647/strip/true/crop/960x720+160+0/resize/480x360!/quality/90/ 165 KB
165 KB 51ms
16ms Image
image/png 13.226.159.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/ea6ec0f/2147483647/strip/true/crop/960x720+160+0/resize/480x360!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F15%2Ff5%2Ffc4e0f3144bf95b76cbb5cfca5ce%2Fda43772-doc-stas-safely-back-to-school-default-image-1280x720-2.png
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-114.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 5fb8ecb1dff0fc2d281a3d9d1b558dc273295ba84e0f8c1677cf10fa08dca11a

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 10:03:56 GMT
Via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 3944526
ETag: a7f647c8be74c915f6d814713a470030
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
Content-Length: 168592
X-Amz-Cf-Id: utoJsq55C0txoylO-zJbitEwj7qlA0HsX6eoG9voTM22dIPebLaxgg==
Expires: Thu, 03 Feb 2022 10:03:56 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
60 KB 26ms
15ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9e331a251561aaac0645fdee74cf3528&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76edf836a8be69dbefb1bcf36fc0a7eb98010268bbf257e9f2d37c042c926312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.kristv.com
Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: wzF5tFrhGpS7A7vZPmqCQw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60853
x-fb-rlafr: 0
x-fb-debug: VSzblulXf5ET0pIxbBCzQMPsrQgm5BLkrLTeJx24LYstZH7E/1I0ZT+4exxgh1defyuLbNvHutYihMwwqT/7uw==
x-fb-trip-id: 917726464
x-fb-content-md5: a02475359a17c24f76ccc85f333a895b
x-frame-options: DENY
date: Sun, 21 Mar 2021 01:46:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "dcc62490aadff8e7fb55788dfdde802c"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 21 Mar 2022 01:17:06 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 40ms
13ms XHR
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 78760
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 06 Mar 2021 01:32:40 GMT
server: AmazonS3
date: Sat, 20 Mar 2021 03:53:23 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: SsigzVf6Vr8cmbkSrzQZoFdiYD5CTOuQiLsXzwrznP35n0THZ66ohw==

GET
H2 200 yi.js Show response
mb.moatads.com/ 2 KB
2 KB 87ms
43ms Script
text/html 3.8.225.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&callback=MoatNadoAllJsonpRequest_66646404
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.8.225.221 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-8-225-221.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 49a01fff315fb6ec10f2ce3546c34c1bc2310beff2163af790b2cc342426ab2a

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "f61041467d8cff16ed880fde189a21bc88f829fd"
content-length: 1620
content-type: text/html; charset=UTF-8

OPTIONS
H2 200 /
api.ewscloud.com/prod/scheduler/v1/com.kristv/schedules/current/ Frame 0
0 164ms
101ms Preflight
application/json 13.226.159.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.kristv/schedules/current/?type=web
Protocol: H2
Server: 13.226.159.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-22.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://www.kristv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sun, 21 Mar 2021 01:46:02 GMT
x-amzn-requestid: 48410610-c46c-4ebd-8bc6-85625e5bf915
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: cg7GKGaLIAMFviw=
access-control-allow-methods: GET,OPTIONS
x-amzn-trace-id: Root=1-6056a55a-562c5ad91416fdd15757bd8d
x-cache: Miss from cloudfront
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: qAYYPHKWOF1SmDdVFOQgoZI2TAN482JyWNpexwXxUZzha2ZP3pCYuw==

GET
H/1.1 200
OK weather Show response
www.kristv.com/ 138 KB
138 KB 20ms
19ms Fetch
application/json 13.226.159.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kristv.com/weather?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-82.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: 6ac393d573d4618c7a8e10307d8e50170430a650923ddaf0108f6deffcf6e8ec

Request headers

Referer: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:43:24 GMT
Via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache-Coyote/1.1
Age: 158
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: 7Pcz3fjUNoDUwhmDjLRVufdzHtI3dT216xVMEEY8GLDjf1UgJ-CtTQ==

GET
H/1.1 200
OK breaking-news-alerts Show response
www.kristv.com/ 61 KB
62 KB 50ms
19ms Fetch
application/json 13.226.159.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kristv.com/breaking-news-alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-82.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: d604d1e8c50757859cb984d9a6be7c5e844749b0fe07ac149bf188eed1efdb80

Request headers

Referer: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:43:23 GMT
Via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache-Coyote/1.1
Age: 158
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: eSG9dgsZF9wb71erwau4WaGqcvrmcvJaoB0WxJQkzeeXLr5x8CA3Wg==

GET
H/1.1 200
OK alerts Show response
www.kristv.com/weather/ 68 KB
68 KB 49ms
18ms Fetch
application/json 13.226.159.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kristv.com/weather/alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-82.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: 0e01138a67c25ff4eb8d6f3f6d04f90d5dffa96f03c1c16fea106f716e1f7d12

Request headers

Referer: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:43:25 GMT
Via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache-Coyote/1.1
Age: 157
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: IXSnbiYsk8bCkXL70ETBVTgry3JQLNkUSgiJLt7AfxIs9O-xRuNDww==

GET
H/1.1 200
OK school-closings-delays Show response
www.kristv.com/weather/ 68 KB
69 KB 49ms
19ms Fetch
application/json 13.226.159.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kristv.com/weather/school-closings-delays?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-82.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: afd3b6319efd03c4a8f513495184f595264d0f5c6c560d8b807c1c386bc9d896

Request headers

Referer: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:43:24 GMT
Via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache-Coyote/1.1
Age: 158
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: rQqKVEVIkzP9freQX4f1wHtjnZy3jHohMGKMZZu3JNIMzcd5iM9OxQ==

GET
H2 200 / Show response
api.ewscloud.com/prod/scheduler/v1/com.kristv/schedules/current/ 2 KB
2 KB 112ms
112ms Fetch
application/json 13.226.159.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.kristv/schedules/current/?type=web
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-22.dus51.r.cloudfront.net
Software: /
Resource Hash: 573dcd453fe51f3c0feafb27a7831eaa59abc9d93e3c6531c1211a87d38bde06

Request headers

Authorization: Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amzn-requestid: 509c5a50-2271-48a4-8f4c-80df2e271e7e
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6056a55a-31cca04c720c1b4076e317ec
x-amz-apigw-id: cg7GLFQmIAMFqqA=
content-length: 1758
x-amz-cf-id: AQkN5ila3lE5TSep4nljnuog060YUODSa8xTtQDuYI7UoajzbKNl8w==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
9ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1616291162368&de=145008579314&d=CRACKED_SCRIPPS_DFP_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=31f9dba90d7-clean&iw=07d6456&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=kristv.com&bd=kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&ac=1&bq=11&f=0&na=243139212&cs=0
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Mar 2021 01:46:02 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 20ms
7ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&abte=SSP_CLIENT_control&adbd=0&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=kristv.com&servname=rtb-nv-dcos-ssp-10-6-47-80-14889&sd=1&svr=031812_212_031711_78_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001616291162425015095070728416&sspAbBucket=CONTROL&npa=0&lw=1&dapp=green&rtype=&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&pc=&requrl=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&kwrf=
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-22.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:02 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sun, 21 Mar 2021 01:46:02 GMT

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 49 KB
20 KB 87ms
23ms Script
text/javascript 185.59.220.197
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.197 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-197.datapacket.com
Software: BunnyCDN-DE1-487 /
Resource Hash: 4e9117f00b958920d6a594588c82bb74e5cf045d786c548b15b91ae65d11cc0f

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
content-encoding: br
server: BunnyCDN-DE1-487
cdn-requestpullcode: 200
vary: Accept-Encoding
cdn-edgestorageid: 487
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: 2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control: public, max-age=43200
cdn-pullzone: 62714
cdn-cachedat: 2021-01-27 23:17:30
cdn-requestid: 7cfbee3241b9c80784702e25eec59d96
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-552B4Z4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6207
date: Sun, 21 Mar 2021 00:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 21 Mar 2021 02:02:35 GMT

GET
H3-Q050

200

activityi;dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimul... Show response
4394967.fls.doubleclick.net/ Frame 98E9
Redirect Chain

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stim...
https://4394967.fls.doubleclick.net/activityi;dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Bank...

608 B
1 KB

46ms
31ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4394967.fls.doubleclick.net/activityi;dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-552B4Z4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

40652885cf7622d0b20b8cee818efb80d4857c5892767a0139498051c1dae647

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4394967.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kristv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 21 Mar 2021 01:46:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 449
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 21-Mar-2021 02:01:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 21 Mar 2021 01:46:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4394967.fls.doubleclick.net/activityi;dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 58ms
19ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Mon, 22 Mar 2021 01:46:02 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 27ms
5ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 28 Mar 2021 01:46:02 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame D7C9 610 B
1008 B 8ms
6ms Document
text/html 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1615905786.501847"
last-modified: Tue, 16 Mar 2021 14:26:49 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Sun, 21 Mar 2021 01:46:02 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1616291162~rv=2~id=8e6d8be5f504f8e0d6f4450720828e00; path=/; Expires=Sun, 21 Mar 2021 01:46:02 GMT; Secure; SameSite=None

GET
H2 200 clear.png
static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/ 2 KB
3 KB 55ms
9ms Image
image/png 2600:9000:2182:1200:10:618e:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/clear.png
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:1200:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2878c06eaa36809d2bf556a97ac803fa0870241e075817b5310e9b0410cc66d4

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PaPfFM5kzY8cEqPszL_vzlXekSCmCD3I
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 14:00:43 GMT
server: AmazonS3
age: 193
etag: "fc75b0aa31f555c7c7e2145d8789524c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
date: Sun, 21 Mar 2021 01:45:45 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 2382
x-amz-cf-id: TZdpCCQj2lIt6XzgPoaCsJ8Dg_H3jH5T9H_JZimZQAzbG-gIKe1xwQ==

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 430
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Sun, 21 Mar 2021 02:38:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 36ms
14ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "818 / 681 of 1000 / last-modified: 1616191964"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19836
x-xss-protection: 0
expires: Sun, 21 Mar 2021 01:46:02 GMT

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/108993/ 102 KB
14 KB 15ms
14ms Stylesheet
text/css 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/108993/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e1d09387f62774dbb03e6b7c8404f8ccadb06a747b60571f8f080213820cab9

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xrvBeDthf6ngVjnP_sehGc.6VrygvLVT
via: 1.1 varnish, 1.1 varnish
etag: "a2e4815b59a14d0ee11b3bde797ef7e0"
age: 129041
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: br
content-length: 14290
x-served-by: cache-dca17741-DCA, cache-fra19177-FRA
last-modified: Fri, 19 Mar 2021 12:09:52 GMT
x-timer: S1616291163.604678,VS0,VE0
date: Sun, 21 Mar 2021 01:46:02 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1977, 10810

GET
H2 200 rules-p-cfh7-Kj7hw4Cs.js Show response
rules.quantcount.com/ 1 KB
1 KB 31ms
10ms Script
application/x-javascript 2600:9000:2182:8e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-cfh7-Kj7hw4Cs.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:36:09 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2017 16:19:22 GMT
server: AmazonS3
age: 785
etag: W/"021b7e04f30cea21812673c831b1b679"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: YUvHTA7rrTLBSWLLlKrrMjKbdcL-DVNt1dAJlYyJJ1XghV5R5YakDw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
85 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-10036014-5&cid=1975540868.1616291163&jid=960790584&gjid=1573987379&_gid=1864807214.1616291163&_u=aGBAgAAjAAAAAE~&z=673917849

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 21 Mar 2021 01:46:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.kristv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-40066851-1&cid=1975540868.1616291163&jid=2134164447&gjid=2145892207&_gid=1864807214.1616291163&_u=aGDAiAAjBAAAAE~&z=465871670

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 21 Mar 2021 01:46:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.kristv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-29521121-4&cid=1975540868.1616291163&jid=766758646&gjid=783943324&_gid=1864807214.1616291163&_u=aGDAiAAjBAAAAE~&z=1784778450

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 21 Mar 2021 01:46:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.kristv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
5ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1614272757&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&ul=en-us&de=UTF-8&dt=Banks%20starting%20to%20release%20stimulus%20funds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=960790584&gjid=1573987379&cid=1975540868.1616291163&tid=UA-10036014-5&_gid=1864807214.1616291163&gtm=2wg3a0552B4Z4&cd20=2039&cd21=Justin%20Boggs&cd22=&cd23=National%20News&cd24=National%20News&cd25=false&cd26=&cd30=&cd31=true&cd34=false&z=2123739561

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 19:40:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21949
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1614272757&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&ul=en-us&de=UTF-8&dt=Banks%20starting%20to%20release%20stimulus%20funds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAAjBAAAAE~&jid=2134164447&gjid=2145892207&cid=1975540868.1616291163&tid=UA-40066851-1&_gid=1864807214.1616291163&gtm=2wg3a0552B4Z4&cd20=2039&cd21=Justin%20Boggs&cd22=&cd23=National%20News&cd24=National%20News&cd25=false&cd26=&cd30=&cd31=true&cd34=false&z=962598064

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 19:40:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21949
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1614272757&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&ul=en-us&de=UTF-8&dt=Banks%20starting%20to%20release%20stimulus%20funds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAAjBAAAAE~&jid=766758646&gjid=783943324&cid=1975540868.1616291163&tid=UA-29521121-4&_gid=1864807214.1616291163&gtm=2wg3a0552B4Z4&cd20=2039&cd21=Justin%20Boggs&cd22=&cd23=National%20News&cd24=National%20News&cd25=false&cd26=&cd30=&cd31=true&z=630551335

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 19:40:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21949
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1616291162628&ns_c=UTF-8&cv=3.5&c8=Banks%20starting%20to%20release%20stimulus%20funds&c7=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fba...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1616291162628&ns_c=UTF-8&cv=3.5&c8=Banks%20starting%20to%20release%20stimulus%20funds&c7=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fb...

0
528 B

19ms
18ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1616291162628&ns_c=UTF-8&cv=3.5&c8=Banks%20starting%20to%20release%20stimulus%20funds&c7=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&c9=&cs_ak_ss=1
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:02 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1616291162628&ns_c=UTF-8&cv=3.5&c8=Banks%20starting%20to%20release%20stimulus%20funds&c7=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:02 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 2 KB
2 KB 284ms
99ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=142962221130771272082960309992158470227790519178852224276956910007&nc=0&tsf=0&tsfmi=&pv=0&cb=1616291162740&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDQyMDddLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiMTMs%0D%0AWEh4ZzFqMHpFbEFRd0oxUUVja3Z6b3ZiY0FJWlNFRWpBaEpJUVFCd2dsOUY0Q0JBZ1FXZ2lkMExI%0D%0AQkJlT0dqYnZYM3FZeU02Lyt2enZTN0dvWEd3aC8rYk1samJUeWFvN09QZiJdLFstMywiW10iXSxb%0D%0ALTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJjb3JlXCIsXCJfX2NvcmUtanNf%0D%0Ac2hhcmVkX19cIixcImdsb2JhbFwiLFwiU3lzdGVtXCIsXCJhc2FwXCIsXCJPYnNlcnZhYmxlXCIs%0D%0AXCJzZXRJbW1lZGlhdGVcIixcImNsZWFySW1tZWRpYXRlXCIsXCJyZWdlbmVyYXRvclJ1bnRpbWVc%0D%0AIixcIl9iYWJlbFBvbHlmaWxsXCIsXCJTY3JpcHBzQWRMaWJcIixcImRheXNTaW5jZVB1Ymxpc2hl%0D%0AZFwiLFwiZGF0ZVB1Ymxpc2hlZFwiLFwicHVibGlzaGVkVGltZVwiLFwibW9kaWZpZWRUaW1lXCIs%0D%0AXCJnZXRDb29raWVcIixcImd0bU9ialwiLFwiY2FsbExldHRlcnNcIixcImpzVGFnc1wiLFwianNQ%0D%0AdWJsaXNoRGF0ZVwiLFwianNVcGRhdGVEYXRlXCIsXCJqc0lzQnJlYWtpbmdcIixcImpzSXNBbGVy%0D%0AdFwiLFwianNBdXRob3JzXCIsXCJqc0hhc1ZpZGVvXCIsXCJqc1NlY3Rpb25cIixcImpzUGFnZVR5%0D%0AcGVcIixcImpzRGlzYWJsZVByZXJvbGxBZHNcIixcImpzRGlzYWJsZURpc3BsYXlBZHNcIixcImpz%0D%0ARGlzYWJsZUlubGluZVZpZGVvQWRzXCIsXCJqc0ZuYW1lXCIsXCJkYXRhTGF5ZXJcIixcIl9feHNo%0D%0AanJ5aGRoamt1ZWhkXCIsXCJkZGxzXCIsXCJhZHNPblBhZ2VcIixcIklTX0NNU1wiLFwiQWREZWJ1%0D%0AZ2dlclwiLFwiU2NyaXBwc1V0aWxzXCIsXCJTdGlja3lSaWdodFJhaWxcIixcInNVc2VySHViXCIs%0D%0AXCJBZFRhcmdldGluZ1BhcmFtc1wiLFwiRHluYW1pY1RhcmdldGluZ1BhcmFtc1wiLFwiU2NyaXBw%0D%0Ac091dHN0cmVhbVBsYXllclwiLFwiU2NyaXBwc0Fkc0xpYlwiLFwiSW1hZ2VMYXp5TG9hZFwiLFwi%0D%0AZ29vZ2xldGFnXCIsXCJtb2F0WWllbGRSZWFkeVwiLFwiYXBzdGFnXCIsXCJhZHZCaWR4Y1wiXSxc%0D%0AIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIi0iXSxbLTEwLCItIl0s%0D%0AWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcImtleXdvcmRzXCIsXCJv%0D%0AZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcInR3%0D%0AaXR0ZXI6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJkZXNjcmlwdGlvblwiLFwicGFyc2Vs%0D%0AeS10aXRsZVwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowLjAwNTI2%0D%0AMzE1Nzg5NDczNjg0Mn0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjEyIl0sWy0xOCwiWzAs%0D%0AMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAs%0D%0AMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMTk3%0D%0ANTU0MDg2OC4xNjE2MjkxMTYzIl0sWy0yMSwiVm9xR3JwSEQiXSxbLTIyLCJbXCJuXCIsXCJuXCJd%0D%0AIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoyMDUwMDAw%0D%0AMCxcInVqaHNcIjoxOTMwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuNCww%0D%0ALFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCww%0D%0ALDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJ0cnVl%0D%0AIl0sWy0zMiwiMiJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2MTYyOTExNjI2NjgsLTFd%0D%0AIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItIl0sWy0zOCwiaSwtMSwtMSwwLDAs%0D%0AMSwwLDM0LDI5LDIxOSwzMDYsMCw1NjEuODk1LDU2MS44OTUsOTYwLDk2MSJdLFstMzksIltcIjIw%0D%0AMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0%0D%0AcnVlLDgsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2%0D%0ANTMiXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxb%0D%0ALTQ1LCI2MjAsMCwwLDAsMCwwLDc2MiwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAs%0D%0AMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXVyb3BlL0Jlcmxpbixlbi1VUyxs%0D%0AYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiwxMDVdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A325%2C%22y%22%3A2378%2C%22w%22%3A610%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=NqM7BFE174&sdd=%7B%7D&pto=1036
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: b7add002e12b8f607eb2690dad7a555491b6db778e094874c5bdb1f15fbc24b3

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:02 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1547
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ 285 KB
100 KB 42ms
28ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Sun, 21 Mar 2021 01:46:02 GMT

GET
H2 200 dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds... Show response
adservice.google.com/ddm/fls/i/ Frame A0C1 607 B
922 B 61ms
42ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds

Requested by

Host: 4394967.fls.doubleclick.net
URL: https://4394967.fls.doubleclick.net/activityi;dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef5f1f412d437afc21378ef2d4a8eaa3a9e009eda9ac6552a563d9d675c63a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4394967.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4394967.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 21 Mar 2021 01:46:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 449
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame 4A2D 1 KB
1 KB 468ms
123ms XHR
multipart/form-data 18.190.13.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.13.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-13-23.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 4fae65bdf675c16429a7906d07f361ff9e20644db51be31764c67c9162f13c71

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sun, 21 Mar 2021 01:46:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.kristv.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 pixel;r=1201215022;labels=Cracked.Article%20Title.Banks%20starting%20to%20release%20stimulus%20funds;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-re...
pixel.quantserve.com/ 35 B
371 B 9ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1201215022;labels=Cracked.Article%20Title.Banks%20starting%20to%20release%20stimulus%20funds;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds;uht=2;fpan=1;fpa=P0-596921308-1616291162788;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=kristv.com;je=0;sr=1600x1200x24;dst=1;et=1616291162787;tzo=-60;ogl=title.Banks%20starting%20to%20release%20stimulus%20funds%2Curl.https%3A%2F%2Fwww%252Ekristv%252Ecom%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds%2Cimage.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F3a124cc%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Aurl.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F3a124cc%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Asecure_url.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F3a124cc%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fpng%2Cimage%3Aalt.Virus%20Outbreak%20Payments%20to%20the%20Dead%2Cdescription.For%20many%20Americans%252C%20the%20checks%20will%20be%20for%20%241%252C400%20per%20person%252E%2Csite_name.KRIS%2Ctype.article%2Cdescription.For%20many%20Americans%252C%20the%20checks%20will%20be%20for%20%241%252C400%20per%20person%252E

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b7a8710924ec2a6402c437f720b5e31dd3a5229a18db70badce74eaba80c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5864
x-xss-protection: 0
server: cafe
etag: 2731930202144549249
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 02:23:22 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
371 B 116ms
116ms XHR
text/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&pid=uLrfVCkdsj1sf&cb=0&ws=1600x1200&v=7.60.00&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kristv.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: K-wClHgcgg6G2_WEbpOeZErzBgvj7p0oKsM--jj16yZjF9_tv6gdAA==

GET
H/1.1

200
OK

2000248.js Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/
Redirect Chain

https://sync.serverbid.com/ss/2000248.js
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js

5 KB
5 KB

41ms
9ms

Script
application/x-javascript

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

25b88bf9d929543f95693a526b8a0e803eb7190cfa60042b0487a4b6b749ae71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:03 GMT
Connection: Keep-Alive
Last-Modified: Tue, 08 Dec 2020 16:28:09 GMT
age: 38
etag: "4e60003ba0cf3b31fca6aff00fe454eb"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1616291163.dop224.fr8.t,1616291163.cds003.fr8.shn,1616291163.dop224.fr8.t,1616291163.cds051.fr8.c
Content-Type: application/x-javascript
Cache-Control: max-age=59912
Content-Length: 4750
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
x-amz-request-id: tx000000000000025ffefc3-0060563dbd-46b98f5-nyc3a

Redirect headers

location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js
cache-control: no-cache
content-length: 0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
168 B 300ms
98ms XHR
application/json 167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.kristv.com
date: Sun, 21 Mar 2021 01:46:02 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds... Show response
adservice.google.de/ddm/fls/i/ Frame F3E2 194 B
877 B 61ms
42ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CM7Z4eShwO8CFVC4ewodRfQNuA;src=4394967;type=wftx;cat=pc_tt0;ord=9553165155585;gtm=2wg3a0;auiddc=2040073381.1616291162;u1=National%20News;u2=Banks%20starting%20to%20release%20stimulus%20funds;~oref=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 21 Mar 2021 01:46:02 GMT
expires: Sun, 21 Mar 2021 01:46:02 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 116ms
116ms XHR
text/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&pid=uLrfVCkdsj1sf&cb=1&ws=1600x1200&v=7.60.00&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INLINE%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22MAD_HEADER%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22994x30%22%2C%2210x1%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:02 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kristv.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: TvfhCmx_JQwk7JNOvmHBX_UE9s6CKIhcwqKCMOsZVECUn10JoWnLvA==

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
168 B 287ms
99ms XHR
application/json 167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.kristv.com
date: Sun, 21 Mar 2021 01:46:02 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 343ms
85ms XHR
application/json 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1616291162932&sessionId=ce6a0c87-2da6-ea98-b000-3f23b8c6bd91&url=www.kristv.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:03 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 185d1f0a201e926eb24d1b2782ab94dc
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 26 KB
6 KB 171ms
140ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&idx=0&rand=75493&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=ce6a0c87-2da6-ea98-b000-3f23b8c6bd91&fdu=www.kristv.com&px=325&py=2457&vpd=1257&cw=610&settings=true&recs=true&version=2000250&sig=VoqGrpHD&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cbe2c3feaf2a8d0fc70d2ebf257b5de056be577e78ed77e93f4a7459ad80931e

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.57
x-cache-hits: 0, 0
x-traceid: d78334b8700965aba52aa24b375aeb41
content-encoding: gzip
content-length: 5786
x-served-by: cache-lga21957-LGA, cache-fra19144-FRA
x-timer: S1616291163.970591,VS0,VE126
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 325ms
86ms XHR
application/json 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1616291163037&sessionId=ce6a0c87-2da6-ea98-b000-3f23b8c6bd91&url=www.kristv.com&cheqSource=1&cheqEvent=2&responseTime=605
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:03 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 6a814f5368d8927c51e8829f938d75d6
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
102 B 89ms
89ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136be8c53ceb468c9f9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7d4e2474ebe48debd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d277c1d0ebf588b9e5187ff32ab6b9ab2c5960e9d76399b010b2464306855b0f8582c38681eb923bce6a88deb4da2ebc7b2e63d2222fce90c715758bee28fd00b0904b9122ae2b441a009a62ff439cd0be71f8df78d209f2c3d5cb6c9f4f5021fc531b1e724e6bd6e16fb753dfc18b27abd365fe9c25cbcdf8e87e9fa6ec5363319ee41154dcb90e5913f3a3f322fd67dfb619acfd78f722f472874fc64082ba36c60635a6fbc3256061720929174e55f6f38607d11eb4454b5f2af8bd53dc9a1e10e3bedfbca06fc3eef8e180f8afed56493cfa5b9bb0596a9f5e661dd77f40776cf416b3644ad0e1d317ff72cb37d9b926cca41fdc2a1d2b241e6e50c982a28e7e080adf4601cc8d8ea9ba8e1140cbacaf3ed6dd797b95&cb=1616291163037&cri=NqM7BFE174
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:03 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 9ms
8ms Image
image/svg+xml 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1613570903.586246"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Tue, 20 Apr 2021 01:46:03 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 9ms
9ms Image
image/svg+xml 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Tue, 20 Apr 2021 01:46:03 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 344ms
87ms Fetch
text/plain 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=c7a8043eeb733c0c876b204e11cc299b_34965_1616291163046&tm=821&eT=0&widgetWidth=610&widgetHeight=201&widgetX=325&widgetY=2457&tpcs=0&wRV=2000250&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: gzip
X-TraceId: 1cff6c33905420ac054069bed32246c3
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 5505 16 KB
6 KB 9ms
8ms Document
text/html 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ea46a42d00476045a7d3b59ec7105a16d3a8e3c663781305a29aa9e015e71afb

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kristv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kristv.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "db1d14ae239d70e094caa7f13a678edc:1616080768.630435"
last-modified: Thu, 18 Mar 2021 15:19:15 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Mon, 22 Mar 2021 01:46:03 GMT
date: Sun, 21 Mar 2021 01:46:03 GMT
content-length: 5339
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1616291163~rv=27~id=8f80587805c50aafa7c31293e9c8b845; path=/; Expires=Sun, 21 Mar 2021 01:46:03 GMT; Secure; SameSite=None

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000250/module/ 48 KB
16 KB 10ms
10ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000250/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bb94e061cdbeeb984bf8ca54dd5f991875d91d438aebc6de16266553821b8289

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 14:26:49 GMT
server: AkamaiNetStorage
etag: "de1f277dd3dd067ccbb45a252bec9460:1615905706.470661"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 15835

GET
H2 200 eyJpdSI6ImEzMjkzZWMzOGY5ZDRmMjdiNDFkYjJhNDMyZjM4NGZhZmQ0YjM1NWQzYmQ0ZmEwNWFmNTA0Y2M4YjJjNzI1YTAiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 18 KB
18 KB 23ms
7ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImEzMjkzZWMzOGY5ZDRmMjdiNDFkYjJhNDMyZjM4NGZhZmQ0YjM1NWQzYmQ0ZmEwNWFmNTA0Y2M4YjJjNzI1YTAiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d05240cbf0a06b58cb3d5a0eb094088468539fbc39a44e441149ffcdcaa3558

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
cache-control: max-age=1858786
last-modified: Sat, 13 Mar 2021 03:38:49 GMT
x-traceid: 4e4626735e8069dc710feca3323e9014
timing-allow-origin: *
content-length: 18148
content-type: image/webp

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 5505 1 KB
1 KB 20ms
19ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Mon, 22 Mar 2021 01:46:03 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 8 KB
2 KB 160ms
156ms Script
application/json 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&settings=true&recs=true&widgetJSId=AR_11&key=NANOWDGT01&version=2000250&apv=false&sig=VoqGrpHD&format=html&rand=31966&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YzdhODA0M2VlYjczM2MwYzg3NmIyMDRlMTFjYzI5OWI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&clss=s600U%2FoNfXqTuM8I4IFWD4uQ3%2BcJi34SHjBoAkMLuVSwYQ8gx6gKg4%2BRhu5ZnOaXK88F3EyqXu9%2FLUYC&dpr=1&cw=610&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000250/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7113658dcdd2562878df662365f811c688101a7aacb05ec25ad2a01ef9d2847

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1616291163.164680,VS0,VE141
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: application/json; charset=UTF-8
backend-ip: 167.82.174.24
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: aedaf39879a14cb153df8d23175e3a32
content-encoding: gzip
content-length: 1388
x-served-by: cache-lga13624-LGA, cache-fra19144-FRA

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 43ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kristv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 43ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kristv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 524ms
522ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969547347303203&correlator=3025944796508106&output=ldjh&impl=fifs&eid=21064371%2C31060204%2C31060367%2C31060516%2C44739387%2C21069710&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210321&iu_parts=6088%2Cssp.kris%2Cinview-bottom%2Cnews%2Cnational%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5&prev_iu_szs=728x90%2C300x600%7C300x250&prev_scp=kw%3DChase%252CChase%2520Stimulus%252CPNC%252CPNC%2520stimulus%252CStimmy%252CWells%2520Fargo%252CWells%2520Fargo%2520Stimulus%252CWells%2520Fargo%2520bank%252CWhere%2520is%2520my%2520stimmy%252CWhere%2520is%2520my%2520stimulus%26categories%3Dnational%2520news%26pt%3Ddetail%252Cfalse%26fname%3Dbanks-starting-to-release-stimulus-funds%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Fnational%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dclear%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Ckw%3DChase%252CChase%2520Stimulus%252CPNC%252CPNC%2520stimulus%252CStimmy%252CWells%2520Fargo%252CWells%2520Fargo%2520Stimulus%252CWells%2520Fargo%2520bank%252CWhere%2520is%2520my%2520stimmy%252CWhere%2520is%2520my%2520stimulus%26categories%3Dnational%2520news%26pt%3Ddetail%252Cfalse%26fname%3Dbanks-starting-to-release-stimulus-funds%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Fnational%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dclear%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1616291163&dt=1616291163181&dlt=1616291161985&idt=855&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C975&adys=-12245933%2C685&adks=1903102124%2C3280590524&ucis=1%7C2&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C300x630&msz=1600x-1%7C300x630&ga_vid=1975540868.1616291163&ga_sid=1616291163&ga_hid=1614272757&ga_fc=false&fws=644%2C4&ohw=1600%2C1070

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

a0f2f3ca7ec6304fd763d16155cf2ceb6203735e5f9d247c8e8e5fbc3cdb5d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13634
x-xss-protection: 0
google-lineitem-id: -1,5642849901
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138343543018
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kristv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 82ms
13ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
8 KB 504ms
504ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969547347303203&correlator=1356454397250353&output=ldjh&impl=fifs&eid=21064371%2C31060204%2C31060367%2C31060516%2C44739387%2C21069710&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210321&iu_parts=6088%2Cssp.kris%2Cnews%2Cnational%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%2C970x250%7C728x90%7C970x90%7C994x30%7C10x1&prev_scp=kw%3DChase%252CChase%2520Stimulus%252CPNC%252CPNC%2520stimulus%252CStimmy%252CWells%2520Fargo%252CWells%2520Fargo%2520Stimulus%252CWells%2520Fargo%2520bank%252CWhere%2520is%2520my%2520stimmy%252CWhere%2520is%2520my%2520stimulus%26categories%3Dnational%2520news%26pt%3Ddetail%252Cfalse%26fname%3Dbanks-starting-to-release-stimulus-funds%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Fnational%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dclear%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Ckw%3DChase%252CChase%2520Stimulus%252CPNC%252CPNC%2520stimulus%252CStimmy%252CWells%2520Fargo%252CWells%2520Fargo%2520Stimulus%252CWells%2520Fargo%2520bank%252CWhere%2520is%2520my%2520stimmy%252CWhere%2520is%2520my%2520stimulus%26categories%3Dnational%2520news%26pt%3Ddetail%252Cfalse%26fname%3Dbanks-starting-to-release-stimulus-funds%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Fnational%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dclear%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1616291163&dt=1616291163192&dlt=1616291161985&idt=855&frm=20&biw=1600&bih=1200&oid=3&adxs=325%2C-12245933&adys=1459%2C-12245933&adks=1601849073%2C2137532573&ucis=3%7C4&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&vis=1&dmc=8&scr_x=0&scr_y=0&psz=610x280%7C1500x0&msz=610x280%7C970x250&ga_vid=1975540868.1616291163&ga_sid=1616291163&ga_hid=1614272757&ga_fc=false&fws=4%2C132&ohw=1070%2C1600

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

7ec1d786af9777487aa00100fe9c81bc1ab919c7f06367f6a9f02e45955049fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7277
x-xss-protection: 0
google-lineitem-id: 5642849901,5642849901
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343543018,138343543015
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kristv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 5505 0
528 B 20ms
19ms Image
text/plain 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=34965&cs_ucfr=1&ns__t=1616291163199&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D34965%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DDE&c9=https%3A%2F%2Fwww.kristv.com%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:03 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame CB8D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

305ms
18ms

Document
text/html

104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kristv.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kristv.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Mar 2021 01:46:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Sun, 21 Mar 2021 01:46:03 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK Cookie set uc.html Show response
go.sonobi.com/ Frame 2343 43 B
577 B 60ms
13ms Document
text/html 178.162.133.148
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sonobi.com/uc.html?pubid=e55fb5d7c2

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.148 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kristv.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kristv.com/

Response headers

Date: Sun, 21 Mar 2021 01:46:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-128
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5G=s57128|YFalX; path=/; domain=.go.sonobi.com; SameSite=None; secure

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 510D 8 KB
3 KB 27ms
7ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kristv.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kristv.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=110749
Expires: Mon, 22 Mar 2021 08:31:52 GMT
Date: Sun, 21 Mar 2021 01:46:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 um
cs.emxdgt.com/ Frame D155 0
0 3117ms
19ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kristv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kristv.com/

Response headers

content-type: text/html
date: Sun, 21 Mar 2021 01:46:05 GMT
content-length: 0

GET
H2

200

cm Show response
gift-connect-d.openx.net/w/1.0/ Frame B55B
Redirect Chain

https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D

780 B
812 B

17ms
16ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.203.0 /
Resource Hash: ab6301d7b636b4563b06fd697082beb3441f46e3d71b16f9d6bba5f4df440811

Request headers

:method: GET
:authority: gift-connect-d.openx.net
:scheme: https
:path: /w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kristv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=a6fed50f-a649-0dcb-2a66-cd3ee29bebc0|1616291164
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kristv.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=a6fed50f-a649-0dcb-2a66-cd3ee29bebc0|1616291164; Version=1; Expires=Mon, 21-Mar-2022 01:46:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616291164|gekin0vNiygu; Version=1; Expires=Mon, 05-Apr-2021 01:46:04 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 21 Mar 2021 01:46:04 GMT
content-type: text/html
content-length: 479
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=a6fed50f-a649-0dcb-2a66-cd3ee29bebc0|1616291164; Version=1; Expires=Mon, 21-Mar-2022 01:46:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
date: Sun, 21 Mar 2021 01:46:04 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YFalW7VstVgEp9oo4gDoVAAA%261189

0
44 B

97ms
97ms

Image
text/plain

167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YFalW7VstVgEp9oo4gDoVAAA%261189
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YFalW7VstVgEp9oo4gDoVAAA%261189
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Sun, 21 Mar 2021 01:46:03 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fe.serverbid.com%252Fudb%252F9969%252Fsync%252Fi.gif%253FpartnerId%253D28%2526userId%253D%2524UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=8631068722566386833

0
44 B

97ms
96ms

Image
text/plain

167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=8631068722566386833
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:03 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid: 65351e02-09ae-4a58-baa2-b56253cb7767
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=8631068722566386833
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP31e788f7-89e7-11eb-acbd-024d99c14610
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP31e788f7-89e7-11eb-acbd-024d99c14610&verify=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP31e788f7-89e7-11eb-acbd-024d99c14610

0
44 B

97ms
97ms

Image
text/plain

167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP31e788f7-89e7-11eb-acbd-024d99c14610
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
content-length: 0

Redirect headers

Date: Sun, 21 Mar 2021 01:46:04 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP31e788f7-89e7-11eb-acbd-024d99c14610
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ 0
474 B 60ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:03 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

verify
pbs.publishers.tremorhub.com/pubsync/
Redirect Chain

https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D

43 B
182 B

87ms
87ms

Image
image/gif

2600:1f18:612b:4264:7659:1bf:d736:fba9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:7659:1bf:d736:fba9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

location: pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D
date: Sun, 21 Mar 2021 01:46:03 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://x.bidswitch.net/sync?ssp=consumable
https://x.bidswitch.net/ul_cb/sync?ssp=consumable
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=f9420e52-1b13-5250-9e37-2e81fe618bda&ssp=consumable&expires=30&user_group=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=304d95a2-0b97-499a-9611-e1c3b4cfdf1d

0
44 B

98ms
98ms

Image
text/plain

167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=304d95a2-0b97-499a-9611-e1c3b4cfdf1d
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-length: 0

Redirect headers

location: //e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=304d95a2-0b97-499a-9611-e1c3b4cfdf1d
date: Sun, 21 Mar 2021 01:46:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9431 37 KB
14 KB 10ms
8ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=92095
Expires: Mon, 22 Mar 2021 03:20:58 GMT
Date: Sun, 21 Mar 2021 01:46:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 blockedDomains_1.bin Show response
lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/ Frame 4A2D 37 B
243 B 257ms
6ms XHR
application/octet-stream 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/blockedDomains_1.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 34e3f618db625fef9f9d3efb096053c1a63a9c3cd725ba2275829d6218d942fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "d52192593689e68b27a6c423370aebf0"
fastly-restarts: 1
age: 120707
x-cache: HIT
content-length: 50
x-served-by: cache-hhn4021-HHN
access-control-allow-origin: *
last-modified: Tue, 16 Feb 2021 13:25:12 GMT
x-timer: S1616291164.516599,VS0,VE0
date: Sun, 21 Mar 2021 01:46:03 GMT
vary: Accept-Encoding
content-type: application/octet-stream
via: 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 100

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame 4A2D 0
295 B 600ms
115ms XHR
multipart/form-data 18.190.13.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.13.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-13-23.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sun, 21 Mar 2021 01:46:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.kristv.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 0099c4a8-0856-44f7-91a7-a7adcf7737ea.bin Show response
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ Frame 4A2D 7 KB
2 KB 42ms
6ms XHR
application/octet-stream 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/0099c4a8-0856-44f7-91a7-a7adcf7737ea.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 622878f91444603d817a23ab4e10ff0cb2418a54d9ce99a657b50246e2e11a0d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
age: 7441
x-cache: HIT, HIT
content-encoding: gzip
content-length: 1271
x-served-by: cache-mdw17348-MDW, cache-hhn4021-HHN
last-modified: Sat, 20 Mar 2021 23:41:02 GMT
x-timer: S1616291163.317652,VS0,VE1
etag: "a635f0faff6609b081ba029665a610dd"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame 4A2D 0
295 B 564ms
112ms XHR
multipart/form-data 18.190.13.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.13.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-13-23.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sun, 21 Mar 2021 01:46:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.kristv.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 4A2D 232 B
495 B 789ms
227ms XHR
multipart/form-data 18.190.13.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.13.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-13-23.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: c404c0bec5fb5ae83b58c5e0c0748ef328b634c2d11a400cfd6a8d693ea95d4f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sun, 21 Mar 2021 01:46:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.kristv.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame 4A2D 0
295 B 936ms
147ms XHR
multipart/form-data 18.190.13.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.13.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-13-23.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sun, 21 Mar 2021 01:46:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.kristv.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 00577bc1-4a10-4332-b57f-48081b8189f2.jpg
img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 22 KB
21 KB 31ms
15ms Image
image/jpeg 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/00577bc1-4a10-4332-b57f-48081b8189f2.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 22845b386e1659dece48f7b8a371f47a5d12d96ee2b7d37dbf2d54571ced87bc

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: br
age: 7440
x-cache: HIT, HIT
fastly-io-info: ifsz=57063 idim=1280x720 ifmt=jpeg ofsz=22065 odim=600x338 ofmt=jpeg
fastly-stats: io=1
content-length: 21670
x-served-by: cache-mdw17381-MDW, cache-hhn4045-HHN
access-control-allow-origin: *
x-timer: S1616291163.442116,VS0,VE1
etag: "BtOm2bBt4JDIncxnQ4QAzNYEF1U2Gidj8mBsoIvlVEs"
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 83a439d6-05cb-4d7e-a689-e68cf4161f84.jpg
img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 31 KB
31 KB 34ms
18ms Image
image/jpeg 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/83a439d6-05cb-4d7e-a689-e68cf4161f84.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f28d24d7be412fcd3081b3b3cab61bc273fd59e5b03111acbbff366ada2e31a2

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: br
age: 7440
x-cache: HIT, HIT
fastly-io-info: ifsz=79306 idim=1280x720 ifmt=jpeg ofsz=32138 odim=600x338 ofmt=jpeg
fastly-stats: io=1
content-length: 31788
x-served-by: cache-mdw17374-MDW, cache-hhn4045-HHN
access-control-allow-origin: *
x-timer: S1616291163.442260,VS0,VE1
etag: "nd/7TSrumdrRq14jsk2pyEyUtdcX1e7KH6R490cJLjg"
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 8ca6823c-e89b-40b1-9502-e9d134342f15.jpg
img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 24 KB
24 KB 23ms
7ms Image
image/jpeg 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/8ca6823c-e89b-40b1-9502-e9d134342f15.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4c60c42426eaa550f58aec14abf17f5bc7ccc7ada4885b7be3ad4933766786d8

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: br
age: 7440
x-cache: HIT, HIT
fastly-io-info: ifsz=72459 idim=1280x720 ifmt=jpeg ofsz=24970 odim=600x338 ofmt=jpeg
fastly-stats: io=1
content-length: 24573
x-served-by: cache-mdw17326-MDW, cache-hhn4045-HHN
access-control-allow-origin: *
x-timer: S1616291163.442095,VS0,VE0
etag: "Ug58cT06x9GU8OYLXpp331HbWBpr7EHysm2xGhhbCdY"
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 1badda22-a3bd-4908-9024-c638fe869eec.jpg
img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 16 KB
16 KB 29ms
13ms Image
image/jpeg 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/1badda22-a3bd-4908-9024-c638fe869eec.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 616cee571ec37dc9a0d8ac558765081b3a71a11d220309ac574a754837291cc4

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: br
age: 7440
x-cache: HIT, HIT
fastly-io-info: ifsz=57016 idim=1280x720 ifmt=jpeg ofsz=16310 odim=600x338 ofmt=jpeg
fastly-stats: io=1
content-length: 15909
x-served-by: cache-mdw17359-MDW, cache-hhn4045-HHN
access-control-allow-origin: *
x-timer: S1616291163.442228,VS0,VE1
etag: "jzP0BQXN55TrRcQlLHse/9l9UwX/cWJkRBQMhcr5p58"
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 adef2a0f-b72f-40d8-aa6d-8f8df4cbe073.jpg
img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 21 KB
20 KB 34ms
18ms Image
image/jpeg 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/adef2a0f-b72f-40d8-aa6d-8f8df4cbe073.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4a473cf544d7448fdc00355d4e0881d8d224e6e451bc34c162c23b536c763987

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: br
age: 7440
x-cache: HIT, HIT
fastly-io-info: ifsz=59658 idim=1280x720 ifmt=jpeg ofsz=20995 odim=600x338 ofmt=jpeg
fastly-stats: io=1
content-length: 20584
x-served-by: cache-mdw17358-MDW, cache-hhn4045-HHN
access-control-allow-origin: *
x-timer: S1616291163.442241,VS0,VE1
etag: "WdEejfYllG1ZAisToHvTEbGjKYK3JZfbNeftGeRzYFM"
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 00577bc1-4a10-4332-b57f-48081b8189f2.jpg
img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 24 KB
24 KB 236ms
220ms Image
image/jpeg 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/00577bc1-4a10-4332-b57f-48081b8189f2.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 682a85d2bbcfe426cba989171c5f2cecc08a9f80e271d174e53d849e041528fd

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: br
age: 7440
x-cache: HIT, MISS
fastly-io-info: ifsz=57063 idim=1280x720 ifmt=jpeg ofsz=24542 odim=600x410 ofmt=jpeg
fastly-stats: io=1
content-length: 24040
x-served-by: cache-mdw17366-MDW, cache-hhn4045-HHN
access-control-allow-origin: *
x-timer: S1616291163.442106,VS0,VE212
etag: "HBArJMfFkKZmdKSaRr7qgacCrPEXp743DQPn4YI639M"
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 206 3ca3d96d-5621-4927-bf4e-c85c48f8c730_360_h264.mp4
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 64 KB
0 264ms
13ms Media
video/mp4 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/3ca3d96d-5621-4927-bf4e-c85c48f8c730_360_h264.mp4
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 20 Mar 2021 23:36:17 GMT
age: 7439
etag: "3847339dff7aff7ccaf407af2375509f"
x-served-by: cache-mdw17324-MDW, cache-hhn4045-HHN
x-cache: HIT, HIT
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31557600
Content-Range: bytes 0-846671/846672
accept-ranges: bytes
x-timer: S1616291164.683454,VS0,VE0
Content-Length: 846672
x-cache-hits: 1, 1

GET
H2 206 4dbc2c2d-ad4d-4046-b2a9-eeee7972dc62_360_h264.mp4
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 64 KB
0 264ms
13ms Media
video/mp4 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/4dbc2c2d-ad4d-4046-b2a9-eeee7972dc62_360_h264.mp4
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 20 Mar 2021 23:39:21 GMT
age: 7439
etag: "932dda8bc272f36b538623e41561dcd1"
x-served-by: cache-mdw17375-MDW, cache-hhn4045-HHN
x-cache: HIT, HIT
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31557600
Content-Range: bytes 0-815625/815626
accept-ranges: bytes
x-timer: S1616291164.683428,VS0,VE0
Content-Length: 815626
x-cache-hits: 1, 1

GET
H2 206 db719bfc-2f86-4023-b86f-34463b034876_360_h264.mp4
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 64 KB
0 264ms
14ms Media
video/mp4 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/db719bfc-2f86-4023-b86f-34463b034876_360_h264.mp4
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 20 Mar 2021 23:36:41 GMT
age: 7439
etag: "cedfbeb74adac42ffdbe208a0fd220ec"
x-served-by: cache-mdw17332-MDW, cache-hhn4045-HHN
x-cache: HIT, HIT
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31557600
Content-Range: bytes 0-1067527/1067528
accept-ranges: bytes
x-timer: S1616291164.683406,VS0,VE1
Content-Length: 1067528
x-cache-hits: 1, 1

GET
H2 206 16411dd7-2e13-46f8-b424-7d1f69459e68_360_h264.mp4
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 64 KB
0 264ms
13ms Media
video/mp4 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/16411dd7-2e13-46f8-b424-7d1f69459e68_360_h264.mp4
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 20 Mar 2021 23:36:39 GMT
age: 7439
etag: "7f45d5cf7780450ab1e8382c4ef44edd"
x-served-by: cache-mdw17357-MDW, cache-hhn4045-HHN
x-cache: HIT, HIT
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31557600
Content-Range: bytes 0-859087/859088
accept-ranges: bytes
x-timer: S1616291164.683416,VS0,VE0
Content-Length: 859088
x-cache-hits: 1, 1

GET
H2 206 44f867cf-1542-40cc-90c4-2cbd439101a4_360_h264.mp4
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 64 KB
0 257ms
6ms Media
video/mp4 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/44f867cf-1542-40cc-90c4-2cbd439101a4_360_h264.mp4
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 20 Mar 2021 23:36:30 GMT
age: 7439
etag: "93ecc1ffbf62e89b9583a6a398f17269"
x-served-by: cache-mdw17368-MDW, cache-hhn4045-HHN
x-cache: HIT, HIT
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31557600
Content-Range: bytes 0-1066502/1066503
accept-ranges: bytes
x-timer: S1616291164.683292,VS0,VE0
Content-Length: 1066503
x-cache-hits: 1, 5

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 86ms
85ms Fetch
application/json 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=fda955ae83fae30dccd0356b8380efef&pvId=c7a8043eeb733c0c876b204e11cc299b&sid=999236&pid=34965&idx=1&wId=974&pad=0&org=0&tm=1150&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3387&wRV=2000250&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:03 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: ca403794a52b4644df833e4c7fb5a0d1
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 96ms
96ms Fetch
application/json 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=2332bcc1cdbe7e2e21d9811bd4dcd8e4&pvId=c7a8043eeb733c0c876b204e11cc299b&sid=999236&pid=34965&idx=3&wId=975&pad=0&org=0&tm=1152&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3387&wRV=2000250&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:03 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 89667b56211e4ee7e56b995f6f8b0bc6
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 171ms
86ms Fetch
application/json 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=9565cbe10059b07ca8a87d3d3fe3946f&pvId=c7a8043eeb733c0c876b204e11cc299b&sid=999236&pid=34965&idx=4&wId=974&pad=0&org=0&tm=1152&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3387&wRV=2000250&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:03 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: de33ad849c3280067322c678d4eb0747
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9431 8 KB
9 KB 323ms
15ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 56506b675381e722a20f857f869310596414de2252ff9399c1c19e890930e492

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:03 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CB8D 31 KB
10 KB 19ms
19ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e01b2c94a979c7f73e27503991c0087ddd4e3dc9b6920cae31ba9308db24bb9e

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=84082
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9439
Expires: Mon, 22 Mar 2021 01:07:25 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame CB8D 284 B
536 B 98ms
24ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H2 206 44f867cf-1542-40cc-90c4-2cbd439101a4_360_h264.mp4
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 64 KB
0 43ms
41ms Media
video/mp4 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/44f867cf-1542-40cc-90c4-2cbd439101a4_360_h264.mp4
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 20 Mar 2021 23:36:30 GMT
age: 7439
etag: "93ecc1ffbf62e89b9583a6a398f17269"
x-served-by: cache-mdw17368-MDW, cache-hhn4045-HHN
x-cache: HIT, HIT
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31557600
Content-Range: bytes 65536-1066502/1066503
accept-ranges: bytes
x-timer: S1616291164.705122,VS0,VE0
Content-Length: 1000967
x-cache-hits: 1, 6

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 4BCD 31 KB
11 KB 124ms
16ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bc5ae73919013376b1842291774a47cf338b9eb8d89ac679d35d71b26539993

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lXhA_uzUnHtQh.h5MaVMkfSb53_hVFN5
Content-Encoding: gzip
ETag: "5e7d50a8bb96aaeb9028957d5c48f0ee"
Age: 3399
X-Cache: HIT
Connection: keep-alive
Content-Length: 10170
x-amz-id-2: QYlUpbwMB9DndUuMsFsaTwsI83NTUXAN43gPqeb25++qNPKke5+iGpDEGOyDj8bVIlqWwXfcJYU=
X-Served-By: cache-fra19175-FRA
Last-Modified: Fri, 19 Mar 2021 15:47:27 GMT
Server: AmazonS3
X-Timer: S1616291164.829462,VS0,VE0
Date: Sun, 21 Mar 2021 01:46:03 GMT
Vary: Accept-Encoding
x-amz-request-id: ME1W36X30QQHMF1N
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 19

GET
H2 200 moatad.js Show response
z.moatads.com/ewscrippsdfp76939516016/ Frame 4BCD 293 KB
99 KB 83ms
78ms Script
application/x-javascript 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 38046b05f29b7c5b5b7d7fa3e9cf373ad54645bb9b416446af8190841594f906

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 22:26:29 GMT
server: AmazonS3
x-amz-request-id: 92A6D2F6B9436E3D
etag: "d096560c74376a0245c268c74f25bb47"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16644
accept-ranges: bytes
content-length: 101325
x-amz-id-2: huUBHMnIdQ4Z/fyFGIdeTcEM4mnIPKgsHhBZUqKszp1QdA8uEtxU0AVgwp6J1MoKpSTOv9ajwmE=

GET
H3-Q050 200 12054847522145912825
tpc.googlesyndication.com/simgad/ Frame 4BCD 248 KB
249 KB 50ms
20ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12054847522145912825

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12908560649347ef059f6050969915f30de9372df215b60768fa76d5f612cb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:38:06 GMT
x-content-type-options: nosniff
age: 454077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254392
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 15:22:14 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 19:38:06 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 4BCD 2 KB
2 KB 46ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 01:40:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BCD 117 KB
36 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 01:46:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4BCD 0
0 18ms
17ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBI-GmwVZubEuwo7GpxFRoMlvp8jAlCQ7IIIp-yGc2yszLKQ7a9fcOa-BAJguU8wGVXakgf9uiYVA3hircnasZvFm-2Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 3935 31 KB
11 KB 115ms
14ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bc5ae73919013376b1842291774a47cf338b9eb8d89ac679d35d71b26539993

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lXhA_uzUnHtQh.h5MaVMkfSb53_hVFN5
Content-Encoding: gzip
ETag: "5e7d50a8bb96aaeb9028957d5c48f0ee"
Age: 3399
X-Cache: HIT
Connection: keep-alive
Content-Length: 10170
x-amz-id-2: QYlUpbwMB9DndUuMsFsaTwsI83NTUXAN43gPqeb25++qNPKke5+iGpDEGOyDj8bVIlqWwXfcJYU=
X-Served-By: cache-fra19175-FRA
Last-Modified: Fri, 19 Mar 2021 15:47:27 GMT
Server: AmazonS3
X-Timer: S1616291164.848324,VS0,VE0
Date: Sun, 21 Mar 2021 01:46:03 GMT
Vary: Accept-Encoding
x-amz-request-id: ME1W36X30QQHMF1N
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 20

GET
H2 200 moatad.js Show response
z.moatads.com/ewscrippsdfp76939516016/ Frame 3935 293 KB
99 KB 81ms
77ms Script
application/x-javascript 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 38046b05f29b7c5b5b7d7fa3e9cf373ad54645bb9b416446af8190841594f906

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 22:26:31 GMT
server: AmazonS3
x-amz-request-id: CT3Z3T5W8Q2PETCJ
etag: "d096560c74376a0245c268c74f25bb47"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37574
accept-ranges: bytes
content-length: 101325
x-amz-id-2: 4QiW7C04lz/jyCrSwpEKspedMh947FjJpkmP7ENBAEIsD97DuMTiv1PJNdIU8rCCSorammnmAl4=

GET
H3-Q050 200 13267563431639267099
tpc.googlesyndication.com/simgad/ Frame 3935 219 KB
219 KB 39ms
35ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13267563431639267099

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07cabaa026b8f05367c863bb2d5cf926e2d2405dd6f169bd983f32c766845c7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 07:19:27 GMT
x-content-type-options: nosniff
age: 411996
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224480
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 15:22:13 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 07:19:27 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 3935 2 KB
1 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 01:40:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3935 117 KB
36 KB 29ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 01:46:03 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Sun, 21 Mar 2021 01:46:03 GMT

GET
H3-Q050 200 container.html Show response
3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1B32 6 KB
3 KB 43ms
19ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kristv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kristv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 21 Mar 2021 01:46:03 GMT
expires: Mon, 21 Mar 2022 01:46:03 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 7EA2 31 KB
11 KB 88ms
14ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bc5ae73919013376b1842291774a47cf338b9eb8d89ac679d35d71b26539993

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lXhA_uzUnHtQh.h5MaVMkfSb53_hVFN5
Content-Encoding: gzip
ETag: "5e7d50a8bb96aaeb9028957d5c48f0ee"
Age: 3399
X-Cache: HIT
Connection: keep-alive
Content-Length: 10170
x-amz-id-2: QYlUpbwMB9DndUuMsFsaTwsI83NTUXAN43gPqeb25++qNPKke5+iGpDEGOyDj8bVIlqWwXfcJYU=
X-Served-By: cache-fra19175-FRA
Last-Modified: Fri, 19 Mar 2021 15:47:27 GMT
Server: AmazonS3
X-Timer: S1616291164.863500,VS0,VE0
Date: Sun, 21 Mar 2021 01:46:03 GMT
Vary: Accept-Encoding
x-amz-request-id: ME1W36X30QQHMF1N
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 21

GET
H2 200 moatad.js Show response
z.moatads.com/ewscrippsdfp76939516016/ Frame 7EA2 293 KB
99 KB 42ms
32ms Script
application/x-javascript 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 38046b05f29b7c5b5b7d7fa3e9cf373ad54645bb9b416446af8190841594f906

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 22:26:29 GMT
server: AmazonS3
x-amz-request-id: 92A6D2F6B9436E3D
etag: "d096560c74376a0245c268c74f25bb47"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16644
accept-ranges: bytes
content-length: 101325
x-amz-id-2: huUBHMnIdQ4Z/fyFGIdeTcEM4mnIPKgsHhBZUqKszp1QdA8uEtxU0AVgwp6J1MoKpSTOv9ajwmE=

GET
H3-Q050 200 12054847522145912825
tpc.googlesyndication.com/simgad/ Frame 7EA2 248 KB
248 KB 12ms
7ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12054847522145912825

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12908560649347ef059f6050969915f30de9372df215b60768fa76d5f612cb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 19:38:06 GMT
x-content-type-options: nosniff
age: 454077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254392
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 15:22:14 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 19:38:06 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 7EA2 2 KB
1 KB 18ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 01:40:25 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7EA2 117 KB
36 KB 46ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 01:46:03 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 7EA2 0
0 53ms
27ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMT5ivIuBr1BpYgkEestEOSCCxlNxgLj9vhKhvXex6mmBSoVn0BFBXEEcC0QuhHU32-tETt7dfQ4nVyurHRVKB7uCdqw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 41ms
27ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&wf=1&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1616291162368&de=895261647171&rx=526810203966&m=0&ar=31f9dba90d7-clean&iw=07d6456&q=1&cb=0&cu=1616291162368&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A5250393788%3A138298488418&zMoatAdUnit1=ssp.kris&zMoatAdUnit2=inview-bottom&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&id=1&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&pe=1%3A562%3A562%3A0%3A589&fs=180167&na=1850124401&cs=0
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Mar 2021 01:46:03 GMT

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 8351
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7905935615319457315

42 B
769 B

22ms
22ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7905935615319457315
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156319:2; KADUSERCOOKIE=400BB623-F7FC-4DE3-A113-A57AD83AF8AC; chkChromeAb67Sec=1; DPSync3=1617494400%3A226_221_201_227; SyncRTB3=1617494400%3A161_71_166_55_204_165_78_21_7_220_13_54_88_5_3_8_81_176_56_22_189_222_230%7C1617148800%3A63%7C1616889600%3A223_2_67_15%7C1618876800%3A203%7C1617580800%3A35; KRTBCOOKIE_57=22776-8631068722566386833; PUBMDCID=3; KRTBCOOKIE_153=1923-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo&KRTB&19420-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo&KRTB&22979-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo; KRTBCOOKIE_1101=23040-6941917685906012309; KRTBCOOKIE_466=16530-304d95a2-0b97-499a-9611-e1c3b4cfdf1d; KRTBCOOKIE_218=22978-YFalXAAAAIWpWVLS&KRTB&23194-YFalXAAAAIWpWVLS&KRTB&23209-YFalXAAAAIWpWVLS&KRTB&23244-YFalXAAAAIWpWVLS; PugT=1616291162
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 21 Mar 2021 01:46:04 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-7905935615319457315; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 01:46:04 GMT; path=/ PugT=1616291164; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 01:46:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 01:46:04 GMT; path=/
X-lat: lhrpug002:0:499
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7905935615319457315
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 2A24 43 B
284 B 7535ms
25ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sun, 21 Mar 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1585
date: Sun, 21 Mar 2021 01:46:10 GMT
content-length: 43

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 897F
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIQzAwN0FyVXNBQUJKUzhYd2Nhdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir

43 B
163 B

300ms
16ms

Document
image/gif

185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host: rtb-csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: pid=3602133357003508411
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 21 Mar 2021 01:46:06 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Sun, 21 Mar 2021 01:46:07 GMT
location: https://rtb-csync.smartadserver.com/redir
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame F83B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941917685906012309

42 B
771 B

1063ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941917685906012309
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156319:2; KADUSERCOOKIE=400BB623-F7FC-4DE3-A113-A57AD83AF8AC; chkChromeAb67Sec=1; DPSync3=1617494400%3A226_221_201_227; SyncRTB3=1617494400%3A161_71_166_55_204_165_78_21_7_220_13_54_88_5_3_8_81_176_56_22_189_222_230%7C1617148800%3A63%7C1616889600%3A223_2_67_15%7C1618876800%3A203%7C1617580800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 21 Mar 2021 01:46:03 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6941917685906012309; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 01:46:03 GMT; path=/ PugT=1616291163; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 01:46:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 01:46:03 GMT; path=/
X-lat: amspug005:0:552
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sun, 21 Mar 2021 01:46:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6941917685906012309; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941917685906012309

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 0609
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=PvgSlbgaupAbEUfafC2bWgYK

42 B
811 B

23ms
22ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=PvgSlbgaupAbEUfafC2bWgYK
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156319:2; KADUSERCOOKIE=400BB623-F7FC-4DE3-A113-A57AD83AF8AC; chkChromeAb67Sec=1; DPSync3=1617494400%3A226_221_201_227; SyncRTB3=1617494400%3A161_71_166_55_204_165_78_21_7_220_13_54_88_5_3_8_81_176_56_22_189_222_230%7C1617148800%3A63%7C1616889600%3A223_2_67_15%7C1618876800%3A203%7C1617580800%3A35; KRTBCOOKIE_57=22776-8631068722566386833; PUBMDCID=3; KRTBCOOKIE_153=1923-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo&KRTB&19420-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo&KRTB&22979-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo; KRTBCOOKIE_1101=23040-6941917685906012309; KRTBCOOKIE_466=16530-304d95a2-0b97-499a-9611-e1c3b4cfdf1d; KRTBCOOKIE_218=22978-YFalXAAAAIWpWVLS&KRTB&23194-YFalXAAAAIWpWVLS&KRTB&23209-YFalXAAAAIWpWVLS&KRTB&23244-YFalXAAAAIWpWVLS; KRTBCOOKIE_336=5844-7905935615319457315; KRTBCOOKIE_22=14911-8774347960990643334; KRTBCOOKIE_27=16735-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&KRTB&16736-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&KRTB&23019-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&KRTB&23114-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_c2207f13-313a-4eb3-aa49-ac05b9f9bb48; PugT=1616291164; SPugT=1616291165; KRTBCOOKIE_107=1471-uid:Erw6rgFm1LnNam5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 21 Mar 2021 01:46:07 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-PvgSlbgaupAbEUfafC2bWgYK&KRTB&23212-PvgSlbgaupAbEUfafC2bWgYK; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 01:46:07 GMT; path=/ PugT=1616291167; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 01:46:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 01:46:07 GMT; path=/
X-lat: lhrpug010:0:463
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Sun, 21 Mar 2021 01:46:07 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=PvgSlbgaupAbEUfafC2bWgYK; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=PvgSlbgaupAbEUfafC2bWgYK
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame F573 43 B
408 B 1572ms
14ms Document
image/gif 72.251.241.204
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Sun, 21 Mar 2021 01:46:05 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-6
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame E2FF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
560 B

168ms
166ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=a8noeUw5EGMAaINWhWa2md1Gjy0ETZboGLMPIPHOo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=d204af53a8a46db8983c46779f3b66b0c1616291164; expires=Tue, 20-Apr-21 01:46:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aknsIHtlix88qyTAZbCauxPMWZbLnhIKZcyuNntjbMGeAuFbbMW38xB5DEsG5oA2TZdZdaNgnhaMsMOxwncebYjvaZdJj9; path=/; domain=.tribalfusion.com; expires=Sat, 19-Jun-2021 01:46:04 GMT; SameSite=None; Secure; ANON_ID_old=aknsIHtlix88qyTAZbCauxPMWZbLnhIKZcyuNntjbMGeAuFbbMW38xB5DEsG5oA2TZdZdaNgnhaMsMOxwncebYjvaZdJj9; path=/; domain=.tribalfusion.com; expires=Sat, 19-Jun-2021 01:46:04 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 08f40f076f0000d6e10aad4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6333811f1958d6e1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 21 Mar 2021 01:46:04 GMT
content-type: text/html
set-cookie: __cfduid=d55f3ac35256ec22d7dfa229d63b4d1051616291163; expires=Tue, 20-Apr-21 01:46:03 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a8noeUw5EGMAaINWhWa2md1Gjy0ETZboGLMPIPHOo; path=/; domain=.tribalfusion.com; expires=Sat, 19-Jun-2021 01:46:03 GMT; SameSite=None; Secure; ANON_ID_old=a8noeUw5EGMAaINWhWa2md1Gjy0ETZboGLMPIPHOo; path=/; domain=.tribalfusion.com; expires=Sat, 19-Jun-2021 01:46:03 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 2491
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 08f40f06c60000d6e117b89000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6333811e08f1d6e1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 05E4 42 B
1 KB 48ms
23ms Document
image/gif 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=ded2dc2311a722fce93807f6ade6b808e1616291163; expires=Tue, 20-Apr-21 01:46:03 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-9mgd
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 08f40f06c60000324c012dd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6333811e0ad5324c-FRA

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 86F9
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=zBi3tuFlPUoi&pid=557219

1 B
463 B

14ms
14ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=zBi3tuFlPUoi&pid=557219
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156319:2; KADUSERCOOKIE=400BB623-F7FC-4DE3-A113-A57AD83AF8AC; chkChromeAb67Sec=1; DPSync3=1617494400%3A226_221_201_227; SyncRTB3=1617494400%3A161_71_166_55_204_165_78_21_7_220_13_54_88_5_3_8_81_176_56_22_189_222_230%7C1617148800%3A63%7C1616889600%3A223_2_67_15%7C1618876800%3A203%7C1617580800%3A35; KRTBCOOKIE_57=22776-8631068722566386833; PUBMDCID=3; KRTBCOOKIE_153=1923-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo&KRTB&19420-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo&KRTB&22979-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo; KRTBCOOKIE_1101=23040-6941917685906012309; KRTBCOOKIE_466=16530-304d95a2-0b97-499a-9611-e1c3b4cfdf1d; KRTBCOOKIE_218=22978-YFalXAAAAIWpWVLS&KRTB&23194-YFalXAAAAIWpWVLS&KRTB&23209-YFalXAAAAIWpWVLS&KRTB&23244-YFalXAAAAIWpWVLS; KRTBCOOKIE_336=5844-7905935615319457315; KRTBCOOKIE_22=14911-8774347960990643334; KRTBCOOKIE_27=16735-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&KRTB&16736-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&KRTB&23019-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&KRTB&23114-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_c2207f13-313a-4eb3-aa49-ac05b9f9bb48; PugT=1616291164; SPugT=1616291165; KRTBCOOKIE_107=1471-uid:Erw6rgFm1LnNam5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 21 Mar 2021 01:46:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 01:46:05 GMT; path=/
X-lat: amspug008:0:388
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-568ff9c7d-9cnfz
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=zBi3tuFlPUoi&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=d91942d279e46aae; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame FD5A
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1151c9e1-915b-4415-acc0-88f537542152-tuct7502ade&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
147 B

1067ms
22ms

Document
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1151c9e1-915b-4415-acc0-88f537542152-tuct7502ade&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1151c9e1-915b-4415-acc0-88f537542152-tuct7502ade&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=1151c9e1-915b-4415-acc0-88f537542152-tuct7502ade
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Sun, 21 Mar 2021 01:46:07 GMT
via: 1.1 varnish
x-served-by: cache-fra19143-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1616291168.952579,VS0,VE9
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=1151c9e1-915b-4415-acc0-88f537542152-tuct7502ade;Version=1;Path=/;Domain=.taboola.com;Expires=Mon, 21-Mar-2022 01:46:06 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1151c9e1-915b-4415-acc0-88f537542152-tuct7502ade&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Sun, 21 Mar 2021 01:46:06 GMT
via: 1.1 varnish
x-served-by: cache-hhn11523-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1616291167.889346,VS0,VE8
x-vcl-time-ms: 8
content-length: 0

GET
H2

200

check Show response
pixel.tapad.com/idsync/ex/receive/ Frame D5CF
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
165 B

15ms
15ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1616291164932; TapAd_DID=32e60c41-89e7-11eb-8b15-9e9b130d4f06
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Sun, 21 Mar 2021 01:46:04 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1616291164932;Expires=Thu, 20 May 2021 01:46:04 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=32e60c41-89e7-11eb-8b15-9e9b130d4f06;Expires=Thu, 20 May 2021 01:46:04 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame DD5D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Erw6rgFm1LnNam5&gdpr=0&gdpr_consent=

42 B
769 B

14ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Erw6rgFm1LnNam5&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=54173359&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156319:2; KADUSERCOOKIE=400BB623-F7FC-4DE3-A113-A57AD83AF8AC; chkChromeAb67Sec=1; DPSync3=1617494400%3A226_221_201_227; SyncRTB3=1617494400%3A161_71_166_55_204_165_78_21_7_220_13_54_88_5_3_8_81_176_56_22_189_222_230%7C1617148800%3A63%7C1616889600%3A223_2_67_15%7C1618876800%3A203%7C1617580800%3A35; KRTBCOOKIE_57=22776-8631068722566386833; PUBMDCID=3; KRTBCOOKIE_153=1923-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo&KRTB&19420-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo&KRTB&22979-tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo; KRTBCOOKIE_1101=23040-6941917685906012309; KRTBCOOKIE_466=16530-304d95a2-0b97-499a-9611-e1c3b4cfdf1d; KRTBCOOKIE_218=22978-YFalXAAAAIWpWVLS&KRTB&23194-YFalXAAAAIWpWVLS&KRTB&23209-YFalXAAAAIWpWVLS&KRTB&23244-YFalXAAAAIWpWVLS; KRTBCOOKIE_336=5844-7905935615319457315; KRTBCOOKIE_22=14911-8774347960990643334; KRTBCOOKIE_27=16735-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&KRTB&16736-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&KRTB&23019-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&KRTB&23114-uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_c2207f13-313a-4eb3-aa49-ac05b9f9bb48; PugT=1616291164; SPugT=1616291165
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 21 Mar 2021 01:46:04 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_107=1471-uid:Erw6rgFm1LnNam5; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 01:46:04 GMT; path=/ PugT=1616291164; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 01:46:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 01:46:04 GMT; path=/
X-lat: amspug010:0:401
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Sun, 21 Mar 2021 01:46:06 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Erw6rgFm1LnNam5&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0ab29fc25246f26bf@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=Erw6rgFm1LnNam5; Domain=.w55c.net; Expires=Thu, 21-Apr-2022 01:46:06 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Tue, 20-Apr-2021 01:46:06 GMT; Path=/; SameSite=None; Secure
Content-Length: 0
Connection: keep-alive

GET
H2 200 i.gif Show response
e.serverbid.com/udb/9969/sync/ Frame 6738 0
44 B 107ms
96ms Document
text/plain 167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=400BB623-F7FC-4DE3-A113-A57AD83AF8AC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: e.serverbid.com
:scheme: https
:path: /udb/9969/sync/i.gif?partnerId=4&userId=400BB623-F7FC-4DE3-A113-A57AD83AF8AC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Sun, 21 Mar 2021 01:46:03 GMT

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9431
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QAu2I_f8TeOhE6V62Dr4rA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

9ms
7ms

Image
text/html

23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=110745
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Mon, 22 Mar 2021 08:31:52 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 9431 95 B
596 B 47ms
22ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6333811e1c4e4ab5-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08f40f06cf00004ab5cb339000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 9431
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

31ms
30ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:10 GMT
frontend-id: 1
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:10 GMT
frontend-id: 3
location: /pubmatic/1/info2?sType=sync&sExtCookieId=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&addseg=19,36,42

7 B
147 B

45ms
15ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:11 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Sun, 21 Mar 2021 01:46:11 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDAwQkI2MjMtRjdGQy00REUzLUExMTMtQTU3QUQ4M0FGOEFD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

23ms
22ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:07 GMT
X-lat: lhrpug009:0:467
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOj1bTO0Lp1FvNlo9RyGnVU&google_cver=1

42 B
856 B

48ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOj1bTO0Lp1FvNlo9RyGnVU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:07 GMT
X-lat: lhrpug006:0:2256
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOj1bTO0Lp1FvNlo9RyGnVU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 9431 43 B
609 B 324ms
20ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 20 Mar 2021 01:46:04 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fe3b101-81d5-4829-91e9-5d4dd1d60d21

42 B
882 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fe3b101-81d5-4829-91e9-5d4dd1d60d21
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:10 GMT
X-lat: amspug002:0:373
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fe3b101-81d5-4829-91e9-5d4dd1d60d21
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1134697904403359013

42 B
801 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1134697904403359013
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:09 GMT
X-lat: amspug014:0:406
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:11 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1134697904403359013
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&gdpr=0&gdpr_consent=

42 B
946 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:03 GMT
X-lat: amspug010:0:420
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Sun, 21 Mar 2021 01:46:05 GMT
Server: MT3 3611 f10363c master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ebf96056-a55c-4200-a3e9-d8963f8e6c8d&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 21 Mar 2021 01:46:04 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8631068722566386833&gdpr=0&gdpr_consent=

42 B
769 B

97ms
27ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8631068722566386833&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:04 GMT
X-lat: lhrpug001:0:451
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:03 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid: bb007c46-cf75-40d3-9343-54368892505b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8631068722566386833&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4604dd2c-6002-4660-ac78-97a26dbe2508&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=304d95a2-0b97-499a-9611-e1c3b4cfdf1d&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

744ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=304d95a2-0b97-499a-9611-e1c3b4cfdf1d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:03 GMT
X-lat: amspug020:0:434
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=304d95a2-0b97-499a-9611-e1c3b4cfdf1d&gdpr=&gdpr_consent=&gdpr_pd=
date: Sun, 21 Mar 2021 01:46:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 400BB623-F7FC-4DE3-A113-A57AD83AF8AC
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9431 43 B
839 B 103ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/400BB623-F7FC-4DE3-A113-A57AD83AF8AC?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AZnjvyVE2uX1FDMpU6Zc0bTh7elPOBw-~A&gdpr=0&gdpr_consent=

0
418 B

1338ms
15ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AZnjvyVE2uX1FDMpU6Zc0bTh7elPOBw-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:04 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 21 Mar 2021 01:46:04 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AZnjvyVE2uX1FDMpU6Zc0bTh7elPOBw-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo

42 B
894 B

22ms
22ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:04 GMT
X-lat: lhrpug015:0:850
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tu_L4OHqy7etvM-wuOzT5-TnmLSt6c_ntufxIIyo
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFalXAAAAIWpWVLS&gdpr=0&gdpr_consent=&_test=YFalXAAAAIWpWVLS

1 B
809 B

436ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFalXAAAAIWpWVLS&gdpr=0&gdpr_consent=&_test=YFalXAAAAIWpWVLS
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:02 GMT
X-lat: amspug019:0:470
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:04 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1616291165.510400,VS0,VE0
x-served-by: cache-hhn4020-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFalXAAAAIWpWVLS&gdpr=0&gdpr_consent=&_test=YFalXAAAAIWpWVLS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8774347960990643334&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

14ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8774347960990643334&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:02 GMT
X-lat: amspug015:0:369
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8774347960990643334&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 21 Mar 2021 01:46:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:76cb84bf-68be-4072-a0af-0fe2fe2b95bd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

15ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:76cb84bf-68be-4072-a0af-0fe2fe2b95bd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:02 GMT
X-lat: amspug017:0:374
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:76cb84bf-68be-4072-a0af-0fe2fe2b95bd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sun, 21 Mar 2021 01:46:05 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
760 B

22ms
22ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:05 GMT
X-lat: lhrpug005:0:538
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:05 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 9431 0
104 B 93ms
62ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=400BB623-F7FC-4DE3-A113-A57AD83AF8AC&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:05 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8631068722566386833

42 B
505 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8631068722566386833
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:03 GMT
X-lat: amspug007:0:301
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:05 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid: b527bef1-4dc6-45bc-8d04-02996af65a7f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8631068722566386833
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9431
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c2207f13-313a-4eb3-aa49-ac05b9f9bb48

42 B
790 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c2207f13-313a-4eb3-aa49-ac05b9f9bb48
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 01:46:04 GMT
X-lat: amspug005:0:825
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c2207f13-313a-4eb3-aa49-ac05b9f9bb48
date: Sun, 21 Mar 2021 01:46:05 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2 206 44f867cf-1542-40cc-90c4-2cbd439101a4_360_h264.mp4
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 192 KB
0 7ms
7ms Media
video/mp4 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/44f867cf-1542-40cc-90c4-2cbd439101a4_360_h264.mp4
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=131072-

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 20 Mar 2021 23:36:30 GMT
age: 7439
etag: "93ecc1ffbf62e89b9583a6a398f17269"
x-served-by: cache-mdw17368-MDW, cache-hhn4045-HHN
x-cache: HIT, HIT
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31557600
Content-Range: bytes 131072-1066502/1066503
accept-ranges: bytes
x-timer: S1616291164.884141,VS0,VE0
Content-Length: 935431
x-cache-hits: 1, 7

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4BCD 0
0 43ms
42ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC0gSjzNJv3fMR5mDvQ68w1FHY6YtfNEhkWyEBu6OL1AI4z5l2Tkkm3jqCwAQkWJV1OpHdjVRccsB5eIMJ3n4H7AQn_Y_WyplUOV76pwrVgLTUIeLWR9UdOHX94TQRXYEDWNkxpnJKG2aixh3AsNOm_Nu1PyLXT_XoXLIJITD54NU4vlnjGyVA0ZwOegpUOMuYna5yGJqhMTfkYU7vBviPPiU3sAAshg5kmOqoDM7KX1cFAprKYrcGp_42H2tC5StEiUe4CW0pqr69DbIgugMiiUJL1VycoYUu2KbN_N-Pc3fIhXH2_zz8XoJmashzYg&sig=Cg0ArKJSzDMsV-gbTyf_EAE&adurl=

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 01:46:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3935 0
0 44ms
44ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_UA0ler9G9uwUiAtya81ZXpQLtRhIsJUVMNMN3wkQN3yZmxWKdjo97wSWCg_afwu91YJLqM3QZOsmc3w8CXeTVdeIMXapKwjHFpPjJekJYuro4VB8vGgA7UjqJyk3yoH-bDDuIi9Y0w1DiYsqwap5cSOYnqKquorsd2ooM3e2WepJJ_5JyYjigliOOAF6RxRhhYEJ0honrHZusgLRyHEbRCGz1o3Y9LLqzHMmnjOJLGNaW2P-juCMSHlBMXM2HMXVSr4Rz0m9S46_ipoSGrmn4lvg5sHTweoUa9xi94JW-_UU9zWinSPVvc6xsgALsQ&sig=Cg0ArKJSzE77fp68IpBVEAE&adurl=

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 01:46:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 4BCD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4465a43dd079c83a2ea3a882d9406ec43bf4b656503980b1b53fdcabece7e851

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3935 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f8df574e944075984b607c653b5f638dfd559bb2a3847291c844caec1411eb5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4BCD 0
0 71ms
57ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuOE9BXpu5C4s-6ObTm_pXIz6h4snwMEq3AOGhLhJHWvBYaQFcGWoFyZsamJAU2LuY712YtjPiIoSvCop8uyQWpRzSAKRo_nsk__yZpWeFbGoeAKkUzCzeFAgPNYX4BGXd4sk2ocPRCRxfHY4mFK3B-SuwLZ0KaJaa1EkVVJ4QAYR-3jDLGDEYUpA1OnSddYhqj5ccL3LwfzLmkQ-1w8cvSR27luPwliBdOpI8TfsO-9ohG4MtYEF6J5ryqzAYfP86aSNkUfSdlFHkhCLmWLSmBaH_qg9I50duTIIPfp2pH4b7v--JsP3fbkdO6yeUC4vP&sig=Cg0ArKJSzPVWBOFhiFyxEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 01:46:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 21 Mar 2021 01:46:04 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3935 0
0 71ms
57ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFBDL2dLBHO7ZUOv5rcQT0JR1xXf8vbgYMDoxjRvH_YMHFhgPpnpSdT2y7FzgfGvNE-kiwGg_9lwXAfckWr6nTnvUMbZd1ASQmRCdsgynCPDBj5ObaMFDljiCIP5767Y4WTy2s7_cP2giR0k9o_j-AU7LNFYtmMivqFy_AGJdccvIFm37JlwNc97IxPsAb2mOYu84yvOR8YcrfHSFnVoaYCT39hj_dVyaWCFmGiKki19XtMfEbBIxd7yzzs021hSivoIdfomkkPBWEgTltXQ-hXNUFO3EAz_YmKtAcjElOg2PZVRVNtkN9IBZrbKxKRx_w&sig=Cg0ArKJSzPYelTUM6l4fEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 01:46:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 21 Mar 2021 01:46:04 GMT

GET
H2 206 db719bfc-2f86-4023-b86f-34463b034876_360_h264.mp4
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 192 KB
0 8ms
7ms Media
video/mp4 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/db719bfc-2f86-4023-b86f-34463b034876_360_h264.mp4
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

date: Sun, 21 Mar 2021 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 20 Mar 2021 23:36:41 GMT
age: 7439
etag: "cedfbeb74adac42ffdbe208a0fd220ec"
x-served-by: cache-mdw17332-MDW, cache-hhn4045-HHN
x-cache: HIT, HIT
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31557600
Content-Range: bytes 65536-1067527/1067528
accept-ranges: bytes
x-timer: S1616291164.996553,VS0,VE0
Content-Length: 1001992
x-cache-hits: 1, 2

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 4BCD 42 B
133 B 353ms
113ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=927855&referer=https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H2 206 16411dd7-2e13-46f8-b424-7d1f69459e68_360_h264.mp4
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 192 KB
0 8ms
7ms Media
video/mp4 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/16411dd7-2e13-46f8-b424-7d1f69459e68_360_h264.mp4
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 20 Mar 2021 23:36:39 GMT
age: 7439
etag: "7f45d5cf7780450ab1e8382c4ef44edd"
x-served-by: cache-mdw17357-MDW, cache-hhn4045-HHN
x-cache: HIT, HIT
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31557600
Content-Range: bytes 65536-859087/859088
accept-ranges: bytes
x-timer: S1616291164.034062,VS0,VE0
Content-Length: 793552
x-cache-hits: 1, 2

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7EA2 0
0 48ms
47ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1JX-SgvlQ6_rWhSryEobJQ753l3KYwJ2oT94KyAdIVWRTrZz56SxDu2oZoHJ6p8yX3c3-06cpkoNqbU4cIpaXVXsJ6IcNebW9xSShXG2wPJVbaumV9a_UqPJAyKI23ZOvGeXqeKbrLc23NRD_xXiMkaj3x7id4FLx-sITMzcSWdjSobrCkXE5I7ClSYNpLjvAOlx6yaWy6KTsu64QLgmtoBUqlw_ftkNceWGSjE9mZuEIlMVqyZupa0fzBNhMLwbqRMqw1Fi6Mtpa-fIr4i7B0YrMelOlID8ZtMpw7CgNQSdHOBpfrHpbo4xBDfttyg&sig=Cg0ArKJSzFa8TyM1Iyt1EAE&adurl=

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 01:46:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 7EA2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 973b6b4ffff43efb313b7fe577b1023e1c5ae0f8dae564663c16e2b86d742a04

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 3935 42 B
132 B 283ms
115ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=131135&referer=https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H2 206 3ca3d96d-5621-4927-bf4e-c85c48f8c730_360_h264.mp4
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 128 KB
0 8ms
8ms Media
video/mp4 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/3ca3d96d-5621-4927-bf4e-c85c48f8c730_360_h264.mp4
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 20 Mar 2021 23:36:17 GMT
age: 7439
etag: "3847339dff7aff7ccaf407af2375509f"
x-served-by: cache-mdw17324-MDW, cache-hhn4045-HHN
x-cache: HIT, HIT
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31557600
Content-Range: bytes 65536-846671/846672
accept-ranges: bytes
x-timer: S1616291164.107858,VS0,VE0
Content-Length: 781136
x-cache-hits: 1, 2

GET
H2 206 4dbc2c2d-ad4d-4046-b2a9-eeee7972dc62_360_h264.mp4
vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/ 128 KB
0 8ms
8ms Media
video/mp4 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1d38b557-9898-4ce2-8eb9-9c640fb88588/4dbc2c2d-ad4d-4046-b2a9-eeee7972dc62_360_h264.mp4
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kristv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 20 Mar 2021 23:39:21 GMT
age: 7439
etag: "932dda8bc272f36b538623e41561dcd1"
x-served-by: cache-mdw17375-MDW, cache-hhn4045-HHN
x-cache: HIT, HIT
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31557600
Content-Range: bytes 65536-815625/815626
accept-ranges: bytes
x-timer: S1616291164.107853,VS0,VE0
Content-Length: 750090
x-cache-hits: 1, 2

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 7EA2 42 B
132 B 259ms
114ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=1012816&referer=https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 1B32 31 KB
11 KB 223ms
223ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bc5ae73919013376b1842291774a47cf338b9eb8d89ac679d35d71b26539993

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lXhA_uzUnHtQh.h5MaVMkfSb53_hVFN5
Content-Encoding: gzip
ETag: "5e7d50a8bb96aaeb9028957d5c48f0ee"
Age: 3399
X-Cache: HIT
Connection: keep-alive
Content-Length: 10170
x-amz-id-2: QYlUpbwMB9DndUuMsFsaTwsI83NTUXAN43gPqeb25++qNPKke5+iGpDEGOyDj8bVIlqWwXfcJYU=
X-Served-By: cache-fra19175-FRA
Last-Modified: Fri, 19 Mar 2021 15:47:27 GMT
Server: AmazonS3
X-Timer: S1616291164.343224,VS0,VE0
Date: Sun, 21 Mar 2021 01:46:04 GMT
Vary: Accept-Encoding
x-amz-request-id: ME1W36X30QQHMF1N
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 22

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D2E8 478 B
505 B 17ms
15ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhj69uyVATAB&v=APEucNVMg4aKPGOmYdVAapSbY1IZNymh0vbkeek2gn56fO0ZOiU1Ba_PkRKDU-Q1jP98975MMAmybwD6KJ0KCNuE7thgmh0nEvK-wMiLOy-D7KssXyEMzoo62SVAJPyGO32ETIiWqVMgJSuepKE0Ym5QkJ8QsBDHx-f2Vppfg0U19b31ESBgbHcmMrnALDJPxZMTyFBfrYT8exSI-xQHXuxjp9ThPX9oPA

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMXlgQEQ1K6oAhj69uyVATAB&v=APEucNVMg4aKPGOmYdVAapSbY1IZNymh0vbkeek2gn56fO0ZOiU1Ba_PkRKDU-Q1jP98975MMAmybwD6KJ0KCNuE7thgmh0nEvK-wMiLOy-D7KssXyEMzoo62SVAJPyGO32ETIiWqVMgJSuepKE0Ym5QkJ8QsBDHx-f2Vppfg0U19b31ESBgbHcmMrnALDJPxZMTyFBfrYT8exSI-xQHXuxjp9ThPX9oPA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnXgk-O75EUiZbso-zwArmgtur_QERKxdpHpPJPVP9huQ0Z8M3PEa_YaG3UR-4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 21 Mar 2021 01:46:04 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1B32 39 KB
19 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCX7ZsHamwgiklpu27o3gDy_YI_fJZcd5p7Y8vmXDW6APZb42j_ubTdiNAqvCN2prdRZhGTkBzmSymc66ADS9BXufHTpB385enRSBkZrKbRC1mtM74NJ2R_DOd3WMoEg5ssvZ3Rten_F2xX8pR4frUwljKYQ&dbm_d=AKAmf-Bz3jEIU-_dc28dGd_UbxETczTLNApTpdcG4gm39KrFdW23bid2UJ-XcZEJDQihWwhm8w0U45JkQw5wbxVTwDTkNQ8qZCXRtC6fJQwEe-RpqR4pnKf4GazPn49FntK5t5fDybeNClP9d8PWuGI3drcjWVMkc4i7QEB_B-OymhtY8Ph-UkpjD_oVXIEftS37e45fh-dLZV4iNfbNPjiQiLMkTf25c6O8GEx8zyO4ctj-M7-NXk7J1neVI14hHVUqHZjK265O1QFk16bMzPLmLGqSDSn4utDWvGh2oefUtzrGsjQVkZkfyRr-UsBIt5N4tYWyb8i3PhKaPohwOIQWclRivydA_IqkSyIkAEGbQIPrDplvGVHlYEMwR7-7N974aFnFVQlbOw42lGCuFuHJco0d5K83TP32vUdpIx3Qc16FH1U9UptW-FsuzsgqWR1LE3VkS8a2z-dyJpYSO0_e0rucOLAObyCoJtaQ8pnTLORYrOUGsXfdGf7urp_ufl3e0e84B6fAWgurNGSnh-QAO8FY-7UifTGgszFle1DuHde7MXGfnJuMMnu02MQIc_2p0UDSkJE-vKsUaZCIYSDhqeRTz2E496H2sWKh_gkh9UipNSl1Pdc-huPnCehf5Fm-H2eD0FUmQNTr0dBJkhyEC3RYwhkwjtADy6UN62w5x7jg2XRLJrgfYcHwG4w3_2H_W89NtyW2yklOyMLEw57SLTO37NoMkvD37bTaA2RuTTyLKctZF3Q3llQhE0BEQghHhp1GUfaXCk_sbTskhJ7XrckNZUgywoL_Jc1rhgfDsiTRjwDdWT4YU1JTZtaZYnm7DCLkExkryRcwPzqLL-9GLyxOg22aedNHqEC4k9wAnDHI15WwCaXFBZ78c75dnftre0H2bhs-pYw_M23s0ruWYseJEcoIIJguBmZKivHATfzbQYaemsuwVqhWWlnwAi3CKzkjgwe-znb8sI0zYPctabAySXf9pDiPyeQjza5FiBEV1M-6BpsCLUInOUgLhYhLnYORP6B7rC4RF7EofM8Q-rUOLGLDwRzlP_vuntOQsCyEiDSohQ4zhWDjEclk21QfI7WWQdinj-Y4FGRVTKs9C1jE-EKMOlLal-zNYhgkUWkD64Rt9btHGcTIT3-D1MMtbogMkjczm4C5NpFJpUt1JPsntDtD8u2fJ4AMQBSMaAaDSEwNGWf7jj1fH-4NQDyJvzTLXu_0NQpy59vnq8-VMIn5mUZO36h3y61kBXXh41iiNqkaOkuxmqhdKIUoIa_215QfIDbR62lZEJAjN_ycPn9zw-nicSTKari01XkwdzXvBzYaTBSk40TXs-TYLtghKfdKVxdKomzqZl_-3iiL8EU1oMRovsXdpvRIZm-3-IgJflYgBgldc8AwpbD2IKQKCLdvQC04qn9pOUBjD08VDCk0sfNrxN6U64A2ujbZFZinJCRgncWYd4xR3Tmy4EnRJRlMIFpqyyY77u0Z1ZCDNucY_qtK7GbcC6_6Dp1WS04DRZ21eGeK1U5p0Bmfo_Z-dvY0tYwIJaMXlrKOx2hQZujxu1oii3atoP534Ui0dXkNKiOQAb1oHWyk4YQQyjCm6-_9KqwjzgYMejAGJirlB2AXa1J3-UA5dxtvDz-73rwsJqTs-KFwwFXYh0ge6gro6OMgl4FUZTB05DBD4oF7A7OLrKx3Hsoj71bFvj5c_erscGByWJY88QOjFAHGMalRBDnlpPFdI2e0tA0CGoxi18DWgsQvBliR5yj4rOlPsQLosNvHdldaI87kjQmUHKWAIbi-1zacinhIus9WovkjRnsTN_K-a_3XPCLs0ky6Ddp5pKQ1h3dOt-Ni9jodRCTGOV725UkczdHpbiokBR_yULzVpygLOzp1gtDSXKKZkDVxGHXpmPSSmqDs6ylYTFlbbig8tBFZ-18bVa7RlE7yE1slCrQXICMlDV5FNJPTMg2T2gxbhoO14ohEV1ksiRGg9jXfy9fCqCKbqLWZcfYdhTSFtvPpjSgDCACZZhS0-J0Ng_HUHsz-z-gYlsphcAnOCQhj729x8N6ceWbXSO2EKncOAO4xysJFQqiwtIV3hYYquaTIZKzNIBA1-3rhs6sGx2XvXZQNV-65axrZfbI53VfQS_6qatZrVgNhBVwOLkTwWVz7i98ir8pQca_pRa6GTnIQdcR9308O6EUmdAXRBA__jBSAMyg05yzQo4Oh_ply3kvV8PIzu5eX-CNQXQNUvhlzmcS_q9xH4vMEVuA1-4VuLiQpsgigy07rrJgTF8mpYxV8kzy3hRA48SccCUcixiKkO53WHk8n8SyKKuMWrSJj6kufGAD2DwI7iJoEOPRCeH2Vf53FCLgVapcPrC0q4yWywHOar2HzVmV8Jy1UcFUUlOX5XzGazTo1R7cWKf1hrPeXKF1cYOLGs3aGeJzUBcVKesgUjpUvs3I6ZG3QbPaELEQMaChdJ12Yu8Y_3gbFxinaQ0l-RWx0nPDuG_EbsaYo2GlKfbloncZUBeQn_qlK9UUGU-EjJr1FIEdsQlfTth9sx3ofCTgV6quzRwpeXyfjZcettCpS88q-hE3XLTBytLPnfG1xGCBnHxi4REFZcW2O1FISNDWoHzykItvRbbOiY8PA_DEgHibHfLZ6KDQSE1o1xP0sfHm4jUPevLAk1w1A0qwqNHKfpF4vqmQFJ0YczuBap_aglhwDwhFZPPLsGjWD4gLcRhgvGLGkbNCpgafYkPmEZzu6HsL4EGZqj9RNwUhaHIVL5oFxpHcwZfmYNVj-nM6EjJp1Jhqp60o7QRaWGqIvhu2nM_jAr5r8ygh4z9HsxyiF_HrvpqFLkYsjGKos_O28uEVEvJkcGxTzJ9ylzDC2Q9Qe9x3FIt78V1pdqTgx2VaIl-fZEBbZrF-eZuqBLTBSLct3qvrtYKE5Z_2x0Y0tU35U9d2VK5oEC5LwbjYN9wDRNxOcBH-cfHYmtAZEqXvXqLR3jfBuK3lRo38nSt82IHEqyAf2A_XLFbRjFfCHhxkR_XMflkNVn8mCRQzaFA&cid=CAASEuRohB1f1SgE_BGDtmR-Pb-68g&rfl=1%2Chttps%253A%252F%252Fwww.kristv.com%252F%240

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c61b3b43e4345655f81ed2382ba642a56e6dff030d1698b5deadb6c142f0008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19090
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B32 42 B
154 B 67ms
53ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3R9E1f7miD9fEYSTwGXyFd4wzrxOw-CGDn0QW5aa_RyYTuuF-nlWm8p4mMn8fBIfOAHO1ndN1if-sm3OqUQtDvq3n0aQRvr7x7nVjX4DHv4kzdyw

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 1B32 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 01:40:25 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B32 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 01:46:04 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 1B32 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 01:24:47 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 1B32 0
0 15ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFZUbS6-FqWGLT40QI150d0j62L55hzG4Vo_Va-QaRvgqdxx3YZqex7q9Dii2Zlf-wpXDGsEcgeMTuc_3HpyGaywWmCA
Requested by: Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7EA2 0
0 41ms
41ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwq4xJu8m6fPvMJFEp1PcFf-x9J2GGK7KVdLqYDVBIjRLu_PuKiS2DW2c2Bv7cyQF44rDNWzgOIHP9Dbf8m6m0cnWw2KMNYF4LQYWwXF0pi-QCfvmM1nLnc7OHfnz2j7uaY_nOyYsTRutXcc3_UajjafCVZCk14OpHUgWZilRvGHPmsXy53mNvzaKJBYv76eBkK7Aauf4kGS2aYo5f73e6IsKckJj5a2hMVhysplsCL5m5ESec0ZfIPmOLyTHuOVxesiObyBYykQ-wlN4D9AsY__RErRyLrbuIot5UJOt1CZRkywMUdTPMZC2tLvUcOJqe&sig=Cg0ArKJSzCAxzv4JM757EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 01:46:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 21 Mar 2021 01:46:04 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame D2E8 170 B
232 B 3008ms
24ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhj69uyVATAB&v=APEucNVMg4aKPGOmYdVAapSbY1IZNymh0vbkeek2gn56fO0ZOiU1Ba_PkRKDU-Q1jP98975MMAmybwD6KJ0KCNuE7thgmh0nEvK-wMiLOy-D7KssXyEMzoo62SVAJPyGO32ETIiWqVMgJSuepKE0Ym5QkJ8QsBDHx-f2Vppfg0U19b31ESBgbHcmMrnALDJPxZMTyFBfrYT8exSI-xQHXuxjp9ThPX9oPA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D2E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNbsJsUDpxxZ8m5NANHfwo&google_cver=1

43 B
1014 B

17ms
15ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNbsJsUDpxxZ8m5NANHfwo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhj69uyVATAB&v=APEucNVMg4aKPGOmYdVAapSbY1IZNymh0vbkeek2gn56fO0ZOiU1Ba_PkRKDU-Q1jP98975MMAmybwD6KJ0KCNuE7thgmh0nEvK-wMiLOy-D7KssXyEMzoo62SVAJPyGO32ETIiWqVMgJSuepKE0Ym5QkJ8QsBDHx-f2Vppfg0U19b31ESBgbHcmMrnALDJPxZMTyFBfrYT8exSI-xQHXuxjp9ThPX9oPA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:07 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 21 Mar 2021 01:46:07 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNbsJsUDpxxZ8m5NANHfwo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D2E8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFalW7VstVgEp9oo4gDoVAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNbsJsUDpxxZ8m5NANHfwo&google_cver=1

43 B
1014 B

17ms
16ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNbsJsUDpxxZ8m5NANHfwo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhj69uyVATAB&v=APEucNVMg4aKPGOmYdVAapSbY1IZNymh0vbkeek2gn56fO0ZOiU1Ba_PkRKDU-Q1jP98975MMAmybwD6KJ0KCNuE7thgmh0nEvK-wMiLOy-D7KssXyEMzoo62SVAJPyGO32ETIiWqVMgJSuepKE0Ym5QkJ8QsBDHx-f2Vppfg0U19b31ESBgbHcmMrnALDJPxZMTyFBfrYT8exSI-xQHXuxjp9ThPX9oPA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 01:46:07 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 21 Mar 2021 01:46:07 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENNbsJsUDpxxZ8m5NANHfwo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 1B32 21 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCX7ZsHamwgiklpu27o3gDy_YI_fJZcd5p7Y8vmXDW6APZb42j_ubTdiNAqvCN2prdRZhGTkBzmSymc66ADS9BXufHTpB385enRSBkZrKbRC1mtM74NJ2R_DOd3WMoEg5ssvZ3Rten_F2xX8pR4frUwljKYQ&dbm_d=AKAmf-Bz3jEIU-_dc28dGd_UbxETczTLNApTpdcG4gm39KrFdW23bid2UJ-XcZEJDQihWwhm8w0U45JkQw5wbxVTwDTkNQ8qZCXRtC6fJQwEe-RpqR4pnKf4GazPn49FntK5t5fDybeNClP9d8PWuGI3drcjWVMkc4i7QEB_B-OymhtY8Ph-UkpjD_oVXIEftS37e45fh-dLZV4iNfbNPjiQiLMkTf25c6O8GEx8zyO4ctj-M7-NXk7J1neVI14hHVUqHZjK265O1QFk16bMzPLmLGqSDSn4utDWvGh2oefUtzrGsjQVkZkfyRr-UsBIt5N4tYWyb8i3PhKaPohwOIQWclRivydA_IqkSyIkAEGbQIPrDplvGVHlYEMwR7-7N974aFnFVQlbOw42lGCuFuHJco0d5K83TP32vUdpIx3Qc16FH1U9UptW-FsuzsgqWR1LE3VkS8a2z-dyJpYSO0_e0rucOLAObyCoJtaQ8pnTLORYrOUGsXfdGf7urp_ufl3e0e84B6fAWgurNGSnh-QAO8FY-7UifTGgszFle1DuHde7MXGfnJuMMnu02MQIc_2p0UDSkJE-vKsUaZCIYSDhqeRTz2E496H2sWKh_gkh9UipNSl1Pdc-huPnCehf5Fm-H2eD0FUmQNTr0dBJkhyEC3RYwhkwjtADy6UN62w5x7jg2XRLJrgfYcHwG4w3_2H_W89NtyW2yklOyMLEw57SLTO37NoMkvD37bTaA2RuTTyLKctZF3Q3llQhE0BEQghHhp1GUfaXCk_sbTskhJ7XrckNZUgywoL_Jc1rhgfDsiTRjwDdWT4YU1JTZtaZYnm7DCLkExkryRcwPzqLL-9GLyxOg22aedNHqEC4k9wAnDHI15WwCaXFBZ78c75dnftre0H2bhs-pYw_M23s0ruWYseJEcoIIJguBmZKivHATfzbQYaemsuwVqhWWlnwAi3CKzkjgwe-znb8sI0zYPctabAySXf9pDiPyeQjza5FiBEV1M-6BpsCLUInOUgLhYhLnYORP6B7rC4RF7EofM8Q-rUOLGLDwRzlP_vuntOQsCyEiDSohQ4zhWDjEclk21QfI7WWQdinj-Y4FGRVTKs9C1jE-EKMOlLal-zNYhgkUWkD64Rt9btHGcTIT3-D1MMtbogMkjczm4C5NpFJpUt1JPsntDtD8u2fJ4AMQBSMaAaDSEwNGWf7jj1fH-4NQDyJvzTLXu_0NQpy59vnq8-VMIn5mUZO36h3y61kBXXh41iiNqkaOkuxmqhdKIUoIa_215QfIDbR62lZEJAjN_ycPn9zw-nicSTKari01XkwdzXvBzYaTBSk40TXs-TYLtghKfdKVxdKomzqZl_-3iiL8EU1oMRovsXdpvRIZm-3-IgJflYgBgldc8AwpbD2IKQKCLdvQC04qn9pOUBjD08VDCk0sfNrxN6U64A2ujbZFZinJCRgncWYd4xR3Tmy4EnRJRlMIFpqyyY77u0Z1ZCDNucY_qtK7GbcC6_6Dp1WS04DRZ21eGeK1U5p0Bmfo_Z-dvY0tYwIJaMXlrKOx2hQZujxu1oii3atoP534Ui0dXkNKiOQAb1oHWyk4YQQyjCm6-_9KqwjzgYMejAGJirlB2AXa1J3-UA5dxtvDz-73rwsJqTs-KFwwFXYh0ge6gro6OMgl4FUZTB05DBD4oF7A7OLrKx3Hsoj71bFvj5c_erscGByWJY88QOjFAHGMalRBDnlpPFdI2e0tA0CGoxi18DWgsQvBliR5yj4rOlPsQLosNvHdldaI87kjQmUHKWAIbi-1zacinhIus9WovkjRnsTN_K-a_3XPCLs0ky6Ddp5pKQ1h3dOt-Ni9jodRCTGOV725UkczdHpbiokBR_yULzVpygLOzp1gtDSXKKZkDVxGHXpmPSSmqDs6ylYTFlbbig8tBFZ-18bVa7RlE7yE1slCrQXICMlDV5FNJPTMg2T2gxbhoO14ohEV1ksiRGg9jXfy9fCqCKbqLWZcfYdhTSFtvPpjSgDCACZZhS0-J0Ng_HUHsz-z-gYlsphcAnOCQhj729x8N6ceWbXSO2EKncOAO4xysJFQqiwtIV3hYYquaTIZKzNIBA1-3rhs6sGx2XvXZQNV-65axrZfbI53VfQS_6qatZrVgNhBVwOLkTwWVz7i98ir8pQca_pRa6GTnIQdcR9308O6EUmdAXRBA__jBSAMyg05yzQo4Oh_ply3kvV8PIzu5eX-CNQXQNUvhlzmcS_q9xH4vMEVuA1-4VuLiQpsgigy07rrJgTF8mpYxV8kzy3hRA48SccCUcixiKkO53WHk8n8SyKKuMWrSJj6kufGAD2DwI7iJoEOPRCeH2Vf53FCLgVapcPrC0q4yWywHOar2HzVmV8Jy1UcFUUlOX5XzGazTo1R7cWKf1hrPeXKF1cYOLGs3aGeJzUBcVKesgUjpUvs3I6ZG3QbPaELEQMaChdJ12Yu8Y_3gbFxinaQ0l-RWx0nPDuG_EbsaYo2GlKfbloncZUBeQn_qlK9UUGU-EjJr1FIEdsQlfTth9sx3ofCTgV6quzRwpeXyfjZcettCpS88q-hE3XLTBytLPnfG1xGCBnHxi4REFZcW2O1FISNDWoHzykItvRbbOiY8PA_DEgHibHfLZ6KDQSE1o1xP0sfHm4jUPevLAk1w1A0qwqNHKfpF4vqmQFJ0YczuBap_aglhwDwhFZPPLsGjWD4gLcRhgvGLGkbNCpgafYkPmEZzu6HsL4EGZqj9RNwUhaHIVL5oFxpHcwZfmYNVj-nM6EjJp1Jhqp60o7QRaWGqIvhu2nM_jAr5r8ygh4z9HsxyiF_HrvpqFLkYsjGKos_O28uEVEvJkcGxTzJ9ylzDC2Q9Qe9x3FIt78V1pdqTgx2VaIl-fZEBbZrF-eZuqBLTBSLct3qvrtYKE5Z_2x0Y0tU35U9d2VK5oEC5LwbjYN9wDRNxOcBH-cfHYmtAZEqXvXqLR3jfBuK3lRo38nSt82IHEqyAf2A_XLFbRjFfCHhxkR_XMflkNVn8mCRQzaFA&cid=CAASEuRohB1f1SgE_BGDtmR-Pb-68g&rfl=1%2Chttps%253A%252F%252Fwww.kristv.com%252F%240

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8471
x-xss-protection: 0
server: cafe
etag: 753583566593306265
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 01:13:05 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/ Frame 1B32 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 01:37:31 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1B32 0
107 B 1334ms
47ms Other
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDbUYYvOX93XPhJQTsIrmNL8JQ6vqJWllePvI5XbLadllZTVsg1Nekm2u1S2rmXI_I23wUMbGSRiInCD4DiobfBg2Kv1V8nZZQGwsZS_dpeLIA81iiU2WPftd2SubhnUxj92EMCDziN4CeXwQ1mfK2SEvXlOimryz1JjrvdnsGzYwuownKBUpaY3BinBT8pmd7DOKdVHMYCnx7ZdY-azXnOw7mkwpePQ9XWEcKy4iU86L-Xi7StFsvFaJRZhzudSjxC4QQ7oo91BhLT-xkGRGADDqFVVphTAYoXp3AinRoZ-tLwITdgEwcQQE6qVfy1aXs6v4fmGCWFrRkKN-VrkL3UajixSG8NVzvil57l9F5JFf6ohwjdP7DL_NsyJz5sumTqjDe_u5YpM3OFCjUduu7zb1vJcTBj_eZz8XPRQ7BUrtHTa-TddB466GXNBMS-09lRCDavcue_mbtxSpE_f7YvXrpGHbXPAZdB2-Zbs7dhBsMtB1Kr9BHBf-R7wzADKFTK7AzyTDqb-pcJf2946LUJlikHdKIXNPzb96i84v1yHK0byRI22f1Iu1bHrW1T-tFAgHT-MizbZ2rPpn9fym6hyuT5ChwNxZPbt-ReSv4p4qTLUNjHzRX7QViHOG6pTLzvg1aTylI-UuRhCjfccfd4As9P0j2AEY-SjmDKc9BQQ-1wEEad7vzDHm-pSD7dJxP6iFfEOemtAQLty-Sa_MoGiYbyo6CdjkSlRVS97BhuJ4H91v74oLlnM9g5GFD4w8swy0BA1Yz6q9yxhPxLzgKey-HpP0h6oYaTgSioIDPV3QXidz3XJyJ-WEpGLc9Lmbq0kgbziXLfG5ivSid8e6p0vSjBr_uGDgFNSB7VV0ymLEpYZvh3__0Hh4m8Kkde4d9UbZJkh_bJE7XyCDlOOIF5z1u4u8NTnxlF-hnqKbRTr-mbXk_Tg09wA1LLEmPP0DpxyaN2jw7UNh4ER-o0AGkavUDlhfCw2qD-MxqMpxz7oaH6z-C5NvQ0DvVKUpLHneGtYNN4WIgHVKhBHKMj9Kkmx0krIqghxJMIn89QmfKImmEBFaqZ6U1jkG7jiNd47Dni-Wm7ftxHnuYL2DQV_6_IkG1VKiARxgRA-dsw-8fKwi42yhJO9ZxLQmRNOfnJhhDfqKrNEihKRxgUmPf4nzbzjN9Z_DvCCfZkMCNifToj-n0gPkKCr1iljJJxR3cV5AN6kKa4Gt0PoVwzhtfj0F8zMzevJHBXTQqVFLUfFMJEf9W&sai=AMfl-YQofpLhXOcI5-XQxKefupuCHqmDf5txQByTd9aCynsrFVwY9FWTRvZW8nW5wXCnSCZ4GPksZOq1E_qzHT-7WxAja_Dn3D4nszlR1DPqdmfj43HJAJs5jnNYx4GD1OWZddfudbWPFnLBwdWU_WnYcr_yXtzyXJqo6a61knqQ_CIZ3Ve5k-DOYA&sig=Cg0ArKJSzKM0N4lmO7nMEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210316.96417&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 21 Mar 2021 01:46:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B32 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121864
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 15:55:00 GMT

GET
H2 200 DE_On_M2_GDN_728x90.png
s0.2mdn.net/9504762/ Frame 1B32 20 KB
20 KB 27ms
7ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9504762/DE_On_M2_GDN_728x90.png

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaa7aec31ce828cc26dc35d25917156a3a2fa18a1b8bd5213ff750cc298f362d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:45:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Nov 2020 16:14:55 GMT
server: sffe
age: 72033
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20112
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:45:31 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 78CE 1 KB
854 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 20 Mar 2021 16:59:40 GMT
expires: Sun, 21 Mar 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 31584
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9EB2 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Mar 2021 15:58:30 GMT
expires: Sat, 19 Mar 2022 15:58:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 121654
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1B32 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ecab3b6160a68ff7b6cfb589efde1855e951e17934fd7718865ce4de655ff77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1B32 0
528 B 1271ms
44ms Other
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 01:46:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 78CE
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEONirKvVsezdkWTPK7KPrZw&google_cver=1&google_push=AQvitUJet824E7WREf91rKQxVtRpa4_aDpcOlagB7sPkl7hvs7aZIGVse98S7xITVj5LqWSYM17oIPl90YHTpkyfG1BU0SaNKZ8
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=100B8B7951354F8183F57A45FEC957DA&google_push=AQvitUJet824E7WREf91rKQxVtRpa4_aDpcOlagB7sPkl7hvs7aZIGVse98S7xITVj5LqWSYM17oIPl90YHTpky...

170 B
232 B

2875ms
23ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=100B8B7951354F8183F57A45FEC957DA&google_push=AQvitUJet824E7WREf91rKQxVtRpa4_aDpcOlagB7sPkl7hvs7aZIGVse98S7xITVj5LqWSYM17oIPl90YHTpkyfG1BU0SaNKZ8

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Mar 2021 01:46:04 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=100B8B7951354F8183F57A45FEC957DA&google_push=AQvitUJet824E7WREf91rKQxVtRpa4_aDpcOlagB7sPkl7hvs7aZIGVse98S7xITVj5LqWSYM17oIPl90YHTpkyfG1BU0SaNKZ8
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 20 Mar 2021 01:46:04 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 78CE
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEMVUeEJLTs0t1gBlViZqMgo&google_cver=1&google_push=AQvitUKZPUIU9L1yJ8Hk-rEJu6SSF_oXJ3dsF5JSrBV8BOReYy_3wv_ZdMjT3afW1SmgilLNXm9Bjmp...
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUKZPUIU9L1yJ8Hk-rEJu6SSF_oXJ3dsF5JSrBV8BOReYy_3wv_ZdMjT3afW1SmgilLNXm9Bjmp1_--7HKfmr3mkHYC2enM&google_sc&google...

170 B
232 B

1761ms
23ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUKZPUIU9L1yJ8Hk-rEJu6SSF_oXJ3dsF5JSrBV8BOReYy_3wv_ZdMjT3afW1SmgilLNXm9Bjmp1_--7HKfmr3mkHYC2enM&google_sc&google_hm=EBAQEA

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:04 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUKZPUIU9L1yJ8Hk-rEJu6SSF_oXJ3dsF5JSrBV8BOReYy_3wv_ZdMjT3afW1SmgilLNXm9Bjmp1_--7HKfmr3mkHYC2enM&google_sc&google_hm=EBAQEA
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 78CE
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEkzXmtqQhD69IDZfAWznJY&google_cver=1&google_push=AQvitUIA3oL5rKaDkQMjAkoPUokk7oeP1hh4dqIqPl4m2ryu4jjZpVQFAyk3WEAHggeTxLGiOJ1lFUxIrCI6HK...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0MTkxNzY4NTkwNjAxMjMwOQ%3D%3D&google_push=AQvitUIA3oL5rKaDkQMjAkoPUokk7oeP1hh4dqIqPl4m2ryu4jjZpVQFAyk3WEAHggeTxLGiOJ1lFUxIrCI6HKeoSW...

170 B
232 B

2891ms
22ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0MTkxNzY4NTkwNjAxMjMwOQ%3D%3D&google_push=AQvitUIA3oL5rKaDkQMjAkoPUokk7oeP1hh4dqIqPl4m2ryu4jjZpVQFAyk3WEAHggeTxLGiOJ1lFUxIrCI6HKeoSWdPyVBwww

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0MTkxNzY4NTkwNjAxMjMwOQ%3D%3D&google_push=AQvitUIA3oL5rKaDkQMjAkoPUokk7oeP1hh4dqIqPl4m2ryu4jjZpVQFAyk3WEAHggeTxLGiOJ1lFUxIrCI6HKeoSWdPyVBwww
Date: Sun, 21 Mar 2021 01:46:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET match
um.wbtrk.net/doubleclick/user/ Frame 78CE 0
0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 78CE
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
https://sync.targeting.unrulymedia.com/csync/RX-8776ac06-fc5e-4542-a816-48aa12c41222-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUKUP4TXB9w6BI0Wv5xHZ...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKUP4TXB9w6BI0Wv5xHZH9cFGalCkoJrMjMqVWGBIAZuroOu7WxVrk2yk1G1EpMdPcujtDw1YQJ3OHh2qNiPeTjRZW8wsE&google_hm=A4d2rAb8XkVCqBZIqhLEEiI

170 B
484 B

45ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKUP4TXB9w6BI0Wv5xHZH9cFGalCkoJrMjMqVWGBIAZuroOu7WxVrk2yk1G1EpMdPcujtDw1YQJ3OHh2qNiPeTjRZW8wsE&google_hm=A4d2rAb8XkVCqBZIqhLEEiI

Requested by

Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 21 Mar 2021 01:46:07 GMT
Server: Tengine
ETag: RX8776ac06fc5e4542a81648aa12c41222003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKUP4TXB9w6BI0Wv5xHZH9cFGalCkoJrMjMqVWGBIAZuroOu7WxVrk2yk1G1EpMdPcujtDw1YQJ3OHh2qNiPeTjRZW8wsE&google_hm=A4d2rAb8XkVCqBZIqhLEEiI
Connection: keep-alive
Content-Type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 78CE
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENopY87q59URCJeYZtCaDGI&google_cver=1&google_push=AQvitUL-sXAhey1lZIX-8mHuSVddNQ6rvmWvTGY_5qMNq1oHUBC0vLlxMB1sb8jzGN6DpNcWvpsP0X...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUL-sXAhey1lZIX-8mHuSVddNQ6rvmWvTGY_5qMNq1oHUBC0vLlxMB1sb8jzGN6DpNcWvpsP0XuW6_ZFJ1FZUu7fmsNBo7I&google_hm=MzYwMjEzMzM...

170 B
232 B

1771ms
25ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUL-sXAhey1lZIX-8mHuSVddNQ6rvmWvTGY_5qMNq1oHUBC0vLlxMB1sb8jzGN6DpNcWvpsP0XuW6_ZFJ1FZUu7fmsNBo7I&google_hm=MzYwMjEzMzM1NzAwMzUwODQxMQ%3D%3D

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUL-sXAhey1lZIX-8mHuSVddNQ6rvmWvTGY_5qMNq1oHUBC0vLlxMB1sb8jzGN6DpNcWvpsP0XuW6_ZFJ1FZUu7fmsNBo7I&google_hm=MzYwMjEzMzM1NzAwMzUwODQxMQ%3D%3D
date: Sun, 21 Mar 2021 01:46:05 GMT
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 78CE
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPIflaCumShNi2cqvwi-qJk&google_cver=1&google_push=AQvitUJkwovAkTqyIsFwhRo2dGPFm5pMnnZGBefB7BKrygZJHL2cvx3S...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPIflaCumShNi2cqvwi-qJk&google_cver=1&google_push=AQvitUJkwovAkTqyIsFwhRo2dGPFm5pMnnZGBefB7BKrygZJHL2cvx...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAzMWU3ODhmNy04OWU3LTExZWItYWNiZC0wMjRkOTljMTQ2MTA%3D&google_push=AQvitUJkwovAkTqyIsFwhRo2dGPFm5pMnnZGBefB7BKrygZJHL2cvx3ShEODcu9_H2...

170 B
232 B

2849ms
21ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAzMWU3ODhmNy04OWU3LTExZWItYWNiZC0wMjRkOTljMTQ2MTA%3D&google_push=AQvitUJkwovAkTqyIsFwhRo2dGPFm5pMnnZGBefB7BKrygZJHL2cvx3ShEODcu9_H2Hdy7Fz_vpl_52yTskN23SGVC9n1bnYc6A

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 21 Mar 2021 01:46:04 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAzMWU3ODhmNy04OWU3LTExZWItYWNiZC0wMjRkOTljMTQ2MTA%3D&google_push=AQvitUJkwovAkTqyIsFwhRo2dGPFm5pMnnZGBefB7BKrygZJHL2cvx3ShEODcu9_H2Hdy7Fz_vpl_52yTskN23SGVC9n1bnYc6A
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 78CE 0
50 B 2901ms
20ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kwl10pVzTrKcq11RklOjve4W4rsMGX2Cd1v1QJugSIUim8WlBWN3Fdqruh0LesqqVwHh7oGA

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9EB2 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 132064
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&id=1&f=0&j=&t=1616291162368&de=895261647171&rx=526810203966&cu=1616291162368&m=1930&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=4026&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A562%3A562%3A0%3A589&as=0&ag=80&an=0&gf=80&gg=0&ix=80&ic=80&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=80&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=159&cd=0&ah=159&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.kris&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=1063179286&cs=0
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Mar 2021 01:46:04 GMT

GET
H2 200 ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 1B32 44 KB
15 KB 7ms
6ms XHR
application/javascript 2600:9000:21f3:2200:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by: Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ab4562ae39fd46d0dcee10f45dedcc035d27c453587f849bd605014a1304f082

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 00:09:16 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 5808
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: *
x-amz-cf-id: 7GXFGjMBM8NXUlbBdjcbRN94JnZs2DUDoZ-Z2AxFWEFgpECFmrTI7g==
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 1B32 42 B
132 B 112ms
112ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=707627&referer=https://www.kristv.com/
Requested by: Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EB2 0
25 B 45ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bpt8CXKVWYMCkCYPG7_UPguyP8A4AAAAAOAHgBAI&bg=!iYqlis7NAAbUo7L91KM7ACkAdvg8WvdS6FQ7MG4fsP8ctggJcB7ZJ9v-X9yInnJCHMr8J82dMGYUNgIAAABPUgAAAEloAQcKANqsJGZFXtXWObMgClcbZuixc6aBCz1DGjrG1Faxq7DcQ3MO0_AqUVtlvPxA5oMOZEGN8Rp-9AdpDeUiXfoGm3Z-Ju11JyH1QHpGQxie_Ag2Ap9zvk4X2B7JHyDUAZdP0VurDnb0KUW8EAiIhelVqw7A4vOzU4svv4erBEn6biyVu0-lVb-N9kRyiy7P-uJUQ9o6o7K_jxMVxMozuG8_ibrEVQRZ5VP9TpO-KCqs3IxRu-PgLJkoL99dz4UgEkSGVfv0GG2ksK6Q3XmOybiIGwXfDEyY30x5Nn4wjJkCZCyuIO8wrvzDjXiwtD-GOp3qWs8d3ng2Q7_v8o_2aBlT_hd78f5Zz-X9pdSV-FA2zwgkGjy_dMpNiuoYLEuPkDbFj3JqAqJls74Ev4jeY7DE2Z7irDlOPVLJdFIWgLcqijZCv5zHewyVyLJKETR6ssZQj8HgnxRI3eyzm5noKz3YWy5-vCFgz5q2ZB3U-S-nnDmMvae5Q5YyBvvNg61W0bt_9wYzKG_ZfCjw-zco0g-SLy8FNa06_ERVsniyobYqTUhTBc5hVNPTz7KjAkNnXZdR-d8ejadgpYQ8IWt_sUEeqRMiFLIJMcIcatmV2FAgZSNeWYkBRhAt8JghLa9lj0cdYfhkwoj8F6NIrIq0kbXDEUx4UTQ7Qh-gTM1Y3O_pjG8_WPjNu3g4i9v0CvxBbKb2GwTZI5NihiZ5Qz0XHJp_HR6uuziZ-avjybCb_LTVtNdZVsqzBKarvKeacudaylQv96JCxG80meFWNKXFxQPTC3iqe3LZ5sSNxYd8rT8BffaDkWmfaynDcw-xOpO4FRYPvRVKU0Joq08hfeTNYeCpJa69QAUG-xxfMsN4AvhyZ1Tlji85-71HYZq7ozgf5QeVjNQ-igwqDmaugVcluXKxRI1VW6BrZZDWBaWlU-H6J1VWUfs0qpwPU3U9iRs1P1J8eq3fyMBS7EfdhI8KjObzBYe87HwaBger7c32ye1yu8RvPYEDsv41R4qjciz2CRg9t1lgiQMmYGfEotH88mdHgjtpYot9GqNw5tm7uwtVR5f0EEpyK3NNI8edhpCmZG1RSLQol5eSNOq7qNa-qbj-Mwjxmg

Requested by

Host: 3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
URL: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.gif
e.serverbid.com/udb/9969/sync/ Frame B55B 0
44 B 99ms
96ms Image
text/plain 167.172.1.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=38cf4041-eaaa-0d0e-3519-1db556f9b4cb
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:04 GMT
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B55B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f3786056-a55d-4700-8abf-737ebec89590

43 B
106 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f3786056-a55d-4700-8abf-737ebec89590
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:05 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 21 Mar 2021 01:46:05 GMT
Server: MT3 3611 f10363c master zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f3786056-a55d-4700-8abf-737ebec89590
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 21 Mar 2021 01:46:04 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B55B
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1r9e54G6XrDN7Fq32LxG4IS3DbPNuVrg1rd1-DeA

43 B
180 B

17ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1r9e54G6XrDN7Fq32LxG4IS3DbPNuVrg1rd1-DeA
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1r9e54G6XrDN7Fq32LxG4IS3DbPNuVrg1rd1-DeA
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B55B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2858789802235421228
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2858789802235421228

43 B
106 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2858789802235421228
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:11 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2858789802235421228
date: Sun, 21 Mar 2021 01:46:11 GMT
via: 1.1 google
server: OXGW/16.203.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame B55B 70 B
264 B 6851ms
62ms Image
image/gif 34.252.253.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=7552ea56-0fce-323c-70b0-05d686bcd83d&gdpr=1
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.253.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B55B 170 B
506 B 2609ms
20ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTkzZDM5OWMtYzZiOS02Yzk4LTY1NTAtNWY2ZjRjNWUxNjVk

Requested by

Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B55B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAHQK0ARSzzWyjxIlmRwBdo&google_cver=1

43 B
106 B

17ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAHQK0ARSzzWyjxIlmRwBdo&google_cver=1
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAHQK0ARSzzWyjxIlmRwBdo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3935 42 B
479 B 66ms
53ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOHgvwSTGIP3QalrwTyt0BnBhpDdscppdP4T1_7BeC2lxX2FQtUum7obPIiHqINPQpkY7OzkZs2ikdmXyNfvv6rDQIzQ05ElOQa4SLnT4&sig=Cg0ArKJSzCT2cVspK3d4EAE&id=osdim&mcvt=1000&p=154,436,244,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2137532573&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616291163754&dlt=0&rpt=319&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7EA2 42 B
66 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssB1o5EYGZUANh1cVD6f5A-1UGDiEXfat2hjct-vFzAYTppPedSEwe5C4XC9vbe-2ohuSk-KpvSU3wbMdmOKdFGMlALX_Aw1vHWZcC-F2k&sig=Cg0ArKJSzMyPr6HdTFesEAE&id=osdim&mcvt=1000&p=823,975,1073,1275&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3280590524&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616291163787&dlt=0&rpt=340&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B32 42 B
66 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHtUmhVbmBQi1TNxKKp9X0Vnptu60hKrb9USVFfz5r3CBS12WQasqyEjYjJam5UHg7HqiuN4acsai4530F-GoJqr9ews1Qe7WU9aTYgOzsfEjM45iv5aINseUY3w&sai=AMfl-YThro3rVaQ0jwEttR8hpZwH7QcHxihrr9OVU5IGemYGeQutsXLLEHpqJAK2rPn_iVuk2zj9Nz81kdWJLYpfdhciOK7PKA1oLKKJPs38HyIC77uF4-R4IJMUzABH&sig=Cg0ArKJSzGSMuXS7zma3EAE&cid=CAASEuRohB1f1SgE_BGDtmR-Pb-68g&id=osdim&mcvt=1001&p=1106,436,1200,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1903102124&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616291163787&dlt=55&rpt=458&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&id=1&f=0&j=&t=1616291162368&de=895261647171&rx=526810203966&cu=1616291162368&m=2977&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=4026&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A562%3A562%3A0%3A589&as=1&ag=1130&an=80&gi=1&gf=1130&gg=80&ix=1130&ic=1130&ez=1&ck=1130&kw=1008&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1130&bx=80&ci=1130&jz=1008&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1008&cd=159&ah=1008&am=159&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.kris&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=878803529&cs=0
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Mar 2021 01:46:05 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&id=1&f=0&j=&t=1616291162368&de=895261647171&rx=526810203966&cu=1616291162368&m=2978&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=4026&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A562%3A562%3A0%3A589&as=1&ag=1130&an=1130&gi=1&gf=1130&gg=1130&ix=1130&ic=1130&ez=1&ck=1130&kw=1008&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1130&bx=1130&ci=1130&jz=1008&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1008&cd=1008&ah=1008&am=1008&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.kris&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=874036959&cs=0
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Mar 2021 01:46:05 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&id=1&f=0&j=&t=1616291162368&de=895261647171&rx=526810203966&cu=1616291162368&m=2979&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=4026&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A562%3A562%3A0%3A589&as=1&ag=1130&an=1130&gi=1&gf=1130&gg=1130&ix=1130&ic=1130&ez=1&ck=1130&kw=1008&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1130&bx=1130&ci=1130&jz=1008&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1008&cd=1008&ah=1008&am=1008&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.kris&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=1439767521&cs=0
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Mar 2021 01:46:05 GMT

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 9431 0
587 B 88ms
22ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Sun, 21 Mar 2021 01:46:05 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
8ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&id=1&f=0&j=&t=1616291162368&de=895261647171&rx=526810203966&cu=1616291162368&m=6991&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=4026&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A562%3A562%3A0%3A589&as=1&ag=5145&an=1130&gi=1&gf=5145&gg=1130&ix=5145&ic=5145&ez=1&ck=1130&kw=1008&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5145&bx=1130&ci=1130&jz=1008&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5023&cd=1008&ah=5023&am=1008&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.kris&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=87714013&cs=0
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Mar 2021 01:46:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&id=1&f=0&j=&t=1616291162368&de=895261647171&rx=526810203966&cu=1616291162368&m=7194&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=4026&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A562%3A562%3A0%3A589&as=1&ag=5347&an=5145&gi=1&gf=5347&gg=5145&ix=5347&ic=5347&ez=1&ck=1130&kw=1008&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5347&bx=5145&ci=1130&jz=1008&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5224&cd=5023&ah=5224&am=5023&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.kris&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=698330081&cs=0
Requested by: Host: www.kristv.com
URL: https://www.kristv.com/news/national/banks-starting-to-release-stimulus-funds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Mar 2021 01:46:09 GMT

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 4A2D 0
295 B 116ms
116ms XHR
multipart/form-data 18.190.13.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.13.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-13-23.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sun, 21 Mar 2021 01:46:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.kristv.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 36ms
17ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11331ccba25ab1080ea2b5fbcb00dbd9618eff8d9cc8124f919700b52dc27fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 01:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6482
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 21 Mar 2021 01:46:11 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 66BA 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kristv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kristv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 20 Mar 2021 21:49:31 GMT
expires: Sun, 20 Mar 2022 21:49:31 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14200
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 66BA 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 132071
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 42ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=3969547347303203&bg=!zM-lz4vNAAbUo7L91KM7ACkAdvg8WiNbD3EQqCXfY2hxCarU1BVvVuXU61ZUb4JlodvfPpM9MtNqVgIAAABCUgAAAAhoAQcKAVy10Z0_Q7WvsWdS7vj6epgypuuooVEjnUIiq-Qb-_acNCQz3aQYoW66jE2wTDhKQGbnj-xQpAe9m7wt3vvq9dswqO3r1lqv1QkJ39yD5W4iZvFeYnjQnvOp4PxNHsOSPxSOesDf1GkD_bL--CnwjsdqBQXzjBsOFeArj7x_xNovAL0hy867usse_hcEy8IIs0zPijMfTHPFlVcJzmRXeiXVE3Vi7pEhXgRaM--bkZ1kQII2OqMoseV85irr7qzgChTYnYnr20ehp-pXJRujLZbfn68oYmt25nJFbUmgHgbMY6TZ8iDV28LoICQglwfmsIAUDny-1rWIJgAp6ytuShS06LvnSoc8E67dPtuOeEJN82ZBhB7P3v2T5eiAcfe5tPYoV2lhA4ro3vJkzn6GdDrlVMcyyi5Pg-RqMTnjuCXeiHAn9X9MgK8oyqCUvCR61sVgMRABizvv8vPRYs-ZAcoGtNUwNg5loRQEDKj1dweNkx5OycoyydxRBHHwhF8Gynm4fvJAZCsOjNfTm9b6ggjrX_qwxNSdNq-PXyoSopd0xOe8_jJhOxehzraTCmZLX9JfA3Cx9Et10GtJ6yoW4u2TcizC3So6MOQ0OFm0JQaBjYMvukG5Bn4P4mAsZS9HLy0MYybEM6NhyXv3ohSwJM9QI_YTXxRcFvABUvrodkNx77urMfKu1G7lXSUQ_x_KUBwEVK4GVtsbSCvrgt7gC0hE315jV6xjScqZx0CCa1LAoG_YLwmWOeg2oDErs4AuBhqkoQlzcwBPpKCuhggZ2fR3e4Q9o8cP2n6CDjrAH9AkwV47VX2T2b0P4USJv0UJgnKPiMgnJEhkYqvlnrm97uBxM3zD8ftUt0s1cDDmE4wTETXPVbvsgvUsTrGDAzygBDVLFYVtdNnkN3tcBMMnS2MBCjrk_6dAPCe2ljUzBkGMd2dlcfhhN8UZrduq_i36A1cZ14COTthxqLlbhw6ur-d9eWPo0D6TZtAj2YEHe3Xpi0jcNzJOjQmtzjcuIW9NNzGMRy0BY_0uXNU1E5Fumnwbvd9KC_StMiF7AgLzOPu5diqmzGhgri-hhQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 4A2D 215 B
490 B 178ms
177ms XHR
multipart/form-data 18.190.13.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.13.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-13-23.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 5f3648c71b3f11081997a9bb03c78c1cc0478c24ceb7b1372c91d9ab89db7773

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sun, 21 Mar 2021 01:46:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.kristv.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&id=1&f=0&j=&t=1616291162368&de=895261647171&rx=526810203966&cu=1616291162368&m=12018&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=4026&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A562%3A562%3A0%3A589&as=1&ag=10171&an=5347&gi=1&gf=10171&gg=5347&ix=10171&ic=10171&ez=1&ck=1130&kw=1008&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10171&bx=5347&ci=1130&jz=1008&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10049&cd=5224&ah=10049&am=5224&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.kris&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=670520114&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Mar 2021 01:46:14 GMT

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 4A2D 0
295 B 113ms
113ms XHR
multipart/form-data 18.190.13.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.13.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-13-23.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sun, 21 Mar 2021 01:46:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.kristv.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&id=1&f=0&j=&t=1616291162368&de=895261647171&rx=526810203966&cu=1616291162368&m=17029&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=4026&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A562%3A562%3A0%3A589&as=1&ag=15183&an=10171&gi=1&gf=15183&gg=10171&ix=15183&ic=15183&ez=1&ck=1130&kw=1008&aj=1&pg=100&pf=100&ib=1&cc=1&bw=15183&bx=10171&ci=1130&jz=1008&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15061&cd=10049&ah=15061&am=10049&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.kris&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=149404831&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Mar 2021 01:46:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=4&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&g=8&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kristv.com%2Fnews%2Fnational%2Fbanks-starting-to-release-stimulus-funds&id=1&f=0&j=&t=1616291162368&de=895261647171&rx=526810203966&cu=1616291162368&m=17230&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=4026&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A562%3A562%3A0%3A589&as=1&ag=15384&an=15183&gi=1&gf=15384&gg=15183&ix=15384&ic=15384&ez=1&ck=1130&kw=1008&aj=1&pg=100&pf=100&ib=1&cc=1&bw=15384&bx=15183&ci=1130&jz=1008&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15262&cd=15061&ah=15262&am=15061&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.kris&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=1264453946&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kristv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 01:46:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Mar 2021 01:46:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: um.wbtrk.net
URL: https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEGWiA_ZNDYwXd7zGwnQ4UxU&google_cver=1&google_push=AQvitULmmK5mi8SCRrOFJfTGqhnSbhjYvF56E2m_XnjQW0Wb5kfojww3o76KnDC4evM-mTqVMWKCsHL4stcYYxJs1-lz3Vnor1c

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 17:41:23	Name: PugT Value: 1616291169
.openx.net/	1970-01-20 01:43:47	Name: i Value: 91797a1f-30a9-42fd-9da2-c8352ad829b5\|1616291171
.pubmatic.com/	1970-01-19 17:41:23	Name: KRTBCOOKIE_391 Value: 22924-1134697904403359013&KRTB&23263-1134697904403359013
.pubmatic.com/	1970-01-19 19:07:47	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 19:07:47	Name: KRTBCOOKIE_377 Value: 6810-9fe3b101-81d5-4829-91e9-5d4dd1d60d21&KRTB&22918-9fe3b101-81d5-4829-91e9-5d4dd1d60d21&KRTB&23031-9fe3b101-81d5-4829-91e9-5d4dd1d60d21

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 8) Message: we are running the javascript modules
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: starting the state machine
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 8) Message: gooooood
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: the end of fetchschedules
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: STATE ISwatch
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: WATCHING
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: TOGGLING ELEMENTS
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: REMOVING HIDDENhttps://www.kristv.com/videos
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: REMOVING HIDDENhttps://www.kristv.com/videos
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-17be-d69e-ad7b-57be60550000/styleguide/All.min.a63cd259008c90923851e9c737c245fd.gz.js(Line 6) Message: REMOVING HIDDENhttps://www.kristv.com/videos

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3795115b0143498c834b32d93ccf019d.safeframe.googlesyndication.com
4394967.fls.doubleclick.net
a.tribalfusion.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
api.ewscloud.com
assets.scrippsdigital.com
aud.pubmatic.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
cd.connatix.com
cds.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cs.emxdgt.com
d25dfknw9ghxs6.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.serverbid.com
eu-u.openx.net
eus.rubiconproject.com
ewscripps.brightspotcdn.com
gift-connect-d.openx.net
go.sonobi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hblg.media.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
img.connatix.com
includemodal.com
includemodal.global.ssl.fastly.net
lit.connatix.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mb.moatads.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
mwzeom.zeotap.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
p.typekit.net
pagead2.googlesyndication.com
pbs.publishers.tremorhub.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.moatads.com
r.scoota.co
rtb-csync.smartadserver.com
rtb.gumgum.com
rules.quantcount.com
s.skimresources.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sejs.moatads.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.ewscloud.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.targeting.unrulymedia.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
um.wbtrk.net
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
vid.connatix.com
visitor.fiftyt.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.kristv.com
x.bidswitch.net
yummy.consumable.com
z.moatads.com
um.wbtrk.net
104.108.50.124
104.108.64.33
13.226.158.204
13.226.159.114
13.226.159.22
13.226.159.82
13.226.159.89
13.226.159.90
142.250.185.194
142.250.186.102
151.101.114.137
151.101.114.49
151.101.13.194
151.101.13.44
151.101.14.132
151.101.14.137
151.139.128.11
167.172.1.14
169.50.137.190
172.217.23.98
178.162.133.148
178.162.133.149
178.250.0.163
178.62.202.251
18.156.0.31
18.190.13.23
18.195.155.181
184.30.24.22
184.30.25.193
185.29.132.69
185.33.220.241
185.33.221.87
185.59.220.197
185.64.189.110
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
185.86.137.122
185.86.139.89
188.42.191.196
198.148.27.140
199.232.137.44
2001:678:cb4:bbbb::11
205.185.216.10
206.189.254.17
213.155.156.167
213.19.147.151
216.58.212.162
23.111.9.35
23.218.208.200
23.218.208.246
23.218.209.154
23.218.209.87
23.37.42.132
2600:1f18:612b:4264:7659:1bf:d736:fba9
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:20eb:4200:9:4c16:5180:21
2600:9000:2182:1200:10:618e:d880:93a1
2600:9000:2182:8e00:6:44e3:f8c0:93a1
2600:9000:21f3:2200:d:77c3:2dc0:21
2606:4700:10::6816:1957
2606:4700:3039::6815:c034
2606:4700::6812:c05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:800::200e
2a00:1450:4001:802::2004
2a00:1450:4001:802::2006
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:400c:c1b::9c
2a02:26f0:6c00::210:ba0a
2a02:26f0:7100:298::19fd
2a02:fa8:8806:16::1400
2a03:2880:f02d:12:face:b00c:0:3
3.141.126.26
3.8.225.221
34.252.253.152
34.98.107.212
34.98.64.218
35.157.48.14
35.201.96.126
35.227.248.159
37.157.6.246
52.215.39.23
52.30.76.93
52.49.193.31
52.58.146.86
52.59.28.101
66.155.71.149
69.173.144.139
70.42.32.159
72.251.241.204
77.243.60.138
85.114.159.93
94.23.73.243
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07cabaa026b8f05367c863bb2d5cf926e2d2405dd6f169bd983f32c766845c7d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc1bcd3d0a249c0cdeaecc33aff3538b3b95aa14a35efcdf3a8ebc4eee40063
0d05240cbf0a06b58cb3d5a0eb094088468539fbc39a44e441149ffcdcaa3558
0e01138a67c25ff4eb8d6f3f6d04f90d5dffa96f03c1c16fea106f716e1f7d12
0ef5f1f412d437afc21378ef2d4a8eaa3a9e009eda9ac6552a563d9d675c63a4
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
11331ccba25ab1080ea2b5fbcb00dbd9618eff8d9cc8124f919700b52dc27fda
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12908560649347ef059f6050969915f30de9372df215b60768fa76d5f612cb11
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1929f586066f2a140caac813d7b3008df5c3ef8b63fdefcea04a8934ccb8e555
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c61b3b43e4345655f81ed2382ba642a56e6dff030d1698b5deadb6c142f0008
1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8
22845b386e1659dece48f7b8a371f47a5d12d96ee2b7d37dbf2d54571ced87bc
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
25b88bf9d929543f95693a526b8a0e803eb7190cfa60042b0487a4b6b749ae71
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2878c06eaa36809d2bf556a97ac803fa0870241e075817b5310e9b0410cc66d4
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8
34e3f618db625fef9f9d3efb096053c1a63a9c3cd725ba2275829d6218d942fa
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
373230acfd98e6e8704812d39c2288ce9ca1d1a20c2884586b16f3ea3e4774cb
38046b05f29b7c5b5b7d7fa3e9cf373ad54645bb9b416446af8190841594f906
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40652885cf7622d0b20b8cee818efb80d4857c5892767a0139498051c1dae647
4465a43dd079c83a2ea3a882d9406ec43bf4b656503980b1b53fdcabece7e851
47b7a8710924ec2a6402c437f720b5e31dd3a5229a18db70badce74eaba80c4f
480ba854183383c44508f6be2ab0fb2b3d0031353f007c891ef08d75b4a78477
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49a01fff315fb6ec10f2ce3546c34c1bc2310beff2163af790b2cc342426ab2a
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a473cf544d7448fdc00355d4e0881d8d224e6e451bc34c162c23b536c763987
4bc5ae73919013376b1842291774a47cf338b9eb8d89ac679d35d71b26539993
4c60c42426eaa550f58aec14abf17f5bc7ccc7ada4885b7be3ad4933766786d8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1d09387f62774dbb03e6b7c8404f8ccadb06a747b60571f8f080213820cab9
4e9117f00b958920d6a594588c82bb74e5cf045d786c548b15b91ae65d11cc0f
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f8df574e944075984b607c653b5f638dfd559bb2a3847291c844caec1411eb5
4fae65bdf675c16429a7906d07f361ff9e20644db51be31764c67c9162f13c71
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
56506b675381e722a20f857f869310596414de2252ff9399c1c19e890930e492
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
573dcd453fe51f3c0feafb27a7831eaa59abc9d93e3c6531c1211a87d38bde06
5f3648c71b3f11081997a9bb03c78c1cc0478c24ceb7b1372c91d9ab89db7773
5fb8ecb1dff0fc2d281a3d9d1b558dc273295ba84e0f8c1677cf10fa08dca11a
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
616cee571ec37dc9a0d8ac558765081b3a71a11d220309ac574a754837291cc4
622878f91444603d817a23ab4e10ff0cb2418a54d9ce99a657b50246e2e11a0d
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
682a85d2bbcfe426cba989171c5f2cecc08a9f80e271d174e53d849e041528fd
6ac393d573d4618c7a8e10307d8e50170430a650923ddaf0108f6deffcf6e8ec
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76edf836a8be69dbefb1bcf36fc0a7eb98010268bbf257e9f2d37c042c926312
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ec1d786af9777487aa00100fe9c81bc1ab919c7f06367f6a9f02e45955049fe
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8660aee083a5dbfdf7dd59c529c411bf60bf5d076903af961df89543bd379871
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ecab3b6160a68ff7b6cfb589efde1855e951e17934fd7718865ce4de655ff77
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
90bf686f30e8bfcc224e5af0495606f031d6d5970a5701f45fc94951b2fae966
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
973b6b4ffff43efb313b7fe577b1023e1c5ae0f8dae564663c16e2b86d742a04
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d5a3e22d4ed63d2a467e86d1b97024abd30d69595a9d0d7503ac6648c34d6fe
9f46919e25daae9d5f04e8d397e6ba3be2b891684ea77ca9f076bacca9d207ec
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f2f3ca7ec6304fd763d16155cf2ceb6203735e5f9d247c8e8e5fbc3cdb5d6c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
ab4562ae39fd46d0dcee10f45dedcc035d27c453587f849bd605014a1304f082
ab6301d7b636b4563b06fd697082beb3441f46e3d71b16f9d6bba5f4df440811
adea24151041edd1b5e77977b0cfb9229fb31ea317daae43a1cf568ed4d20c14
afd3b6319efd03c4a8f513495184f595264d0f5c6c560d8b807c1c386bc9d896
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b7add002e12b8f607eb2690dad7a555491b6db778e094874c5bdb1f15fbc24b3
bb94e061cdbeeb984bf8ca54dd5f991875d91d438aebc6de16266553821b8289
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c15727daac3b0139529330f2a7a99095fa93a8f7341a75b937ac93f04bb87341
c404c0bec5fb5ae83b58c5e0c0748ef328b634c2d11a400cfd6a8d693ea95d4f
c68673bcb163c2e9061587dc14a6288617bb2655078a1c04e7eb75711da010ab
c8d2551c545c7556a6abf32ece25d1b8e12c1d31964919fb5a3b73e3ca0c67c4
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cbe2c3feaf2a8d0fc70d2ebf257b5de056be577e78ed77e93f4a7459ad80931e
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d604d1e8c50757859cb984d9a6be7c5e844749b0fe07ac149bf188eed1efdb80
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d7113658dcdd2562878df662365f811c688101a7aacb05ec25ad2a01ef9d2847
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
d9e1107b72b069b4ca7dded7c66e7e3b0f7ddff248603a4520a213e7b133cd26
e01b2c94a979c7f73e27503991c0087ddd4e3dc9b6920cae31ba9308db24bb9e
e27b395dd390b36ff73915d6736d8c30721b8f2c88d69bbfe7d9baba127bd0a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e62c9e8a6da7f44d8c4d20b99bca55913130e0557ba1a21f3b0fbcbc9bab03b7
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ea46a42d00476045a7d3b59ec7105a16d3a8e3c663781305a29aa9e015e71afb
eaa7aec31ce828cc26dc35d25917156a3a2fa18a1b8bd5213ff750cc298f362d
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28d24d7be412fcd3081b3b3cab61bc273fd59e5b03111acbbff366ada2e31a2
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb
f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee
f685d36f3f62589ffc7cb9633a82850958978f8803780ece24c613ca6f8cf563
f94366efc6314725e16b4002b1e6903913b1f6d9f5757aec611205dcd0db3596

www.kristv.com Open in urlscan Pro 13.226.159.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

256 Requests

100 %HTTPS

28 %IPv6

75 Domains

121 Subdomains

79 IPs

11 Countries

3637 kBTransfer

9861 kBSize

5 Cookies

25 Outgoing links

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.kristv.com Open in urlscan Pro
13.226.159.82 Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

100 %
HTTPS

28 %
IPv6

75
Domains

121
Subdomains

79
IPs

11
Countries

3637 kB
Transfer

9861 kB
Size

5
Cookies

256 HTTP transactions
4 data transactions