urlscan.io logo urlscan.io
SecurityTrails logo

wegotthiscovered.com Open in urlscan Pro
2606:4700:10::6816:354c  Public Scan

Go To Rescan Add Verdict Report
URL: https://wegotthiscovered.com/
Submission: On January 31 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 11 countries across 85 domains to perform 368 HTTP transactions. The main IP is 2606:4700:10::6816:354c, located in United States and belongs to CLOUDFLARENET, US. The main domain is wegotthiscovered.com. The Cisco Umbrella rank of the primary domain is 78378.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2021. Valid for: a year.
This is the only time wegotthiscovered.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
125 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 19 63.250.56.119 41436 (CLOUDWEBM...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 13.225.80.90 16509 (AMAZON-02)
1 18.66.248.93 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
6 35.190.39.246 15169 (GOOGLE)
1 35.201.96.133 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.139.128.11 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 108.157.4.127 16509 (AMAZON-02)
1 18.217.60.34 16509 (AMAZON-02)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
4 34.120.157.206 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 142.250.184.226 15169 (GOOGLE)
1 216.52.2.39 30282 (AS-INAPCD...)
4 5 35.211.178.172 19527 (GOOGLE-2)
2 35.164.52.163 16509 (AMAZON-02)
3 5 3.126.56.137 16509 (AMAZON-02)
1 141.95.3.10 16276 (OVH)
1 44.239.145.70 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
1 44.225.168.153 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
6 13.224.197.4 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2.18.233.180 16625 (AKAMAI-AS)
2 2 185.94.180.126 35220 (SPOTX-AMS)
4 35.244.159.8 15169 (GOOGLE)
1 2a0c:5c81:513... 55081 (24SHELLS)
1 1 23.88.75.187 24940 (HETZNER-AS)
4 9 2.18.234.21 16625 (AKAMAI-AS)
2 2 76.223.111.18 16509 (AMAZON-02)
1 13.225.80.81 16509 (AMAZON-02)
5 8.39.36.142 26667 (RUBICONPR...)
2 3 37.252.173.215 29990 (ASN-APPNEX)
7 185.167.96.10 41436 (CLOUDWEBM...)
1 18.184.69.62 16509 (AMAZON-02)
1 35.174.217.176 14618 (AMAZON-AES)
1 185.255.84.150 200271 (IGUANE-)
1 184.31.84.150 16625 (AKAMAI-AS)
1 35.156.230.193 16509 (AMAZON-02)
1 2602:803:c001... 26667 (RUBICONPR...)
1 69.166.1.14 27630 (AS-XFERNET)
6 34.149.20.76 15169 (GOOGLE)
1 178.250.2.131 44788 (ASN-CRITE...)
1 216.52.2.30 29791 (VOXEL-DOT...)
4 35.158.184.159 16509 (AMAZON-02)
1 3 37.252.172.249 29990 (ASN-APPNEX)
1 18.159.145.91 16509 (AMAZON-02)
1 52.50.61.155 16509 (AMAZON-02)
1 185.94.180.123 35220 (SPOTX-AMS)
3 198.47.127.19 62713 (AS-PUBMATIC)
2 4 37.157.4.24 198622 (ADFORM)
10 23.227.139.243 55081 (24SHELLS)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 5 46.249.52.249 50673 (SERVERIUS-AS)
3 2600:9000:20e... 16509 (AMAZON-02)
2 185.93.1.242 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.157.4.92 16509 (AMAZON-02)
1 46.105.202.126 16276 (OVH)
1 1 66.155.71.25 13768 (COGECO-PEER1)
1 35.227.252.103 15169 (GOOGLE)
1 3.213.248.174 14618 (AMAZON-AES)
2 5.178.65.252 50673 (SERVERIUS-AS)
1 3 162.55.236.224 24940 (HETZNER-AS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
4 104.92.74.8 16625 (AKAMAI-AS)
1 205.234.175.175 30081 (CACHENETW...)
1 51.89.9.251 16276 (OVH)
1 16 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.225.80.9 16509 (AMAZON-02)
1 13 18.196.233.14 16509 (AMAZON-02)
5 9 142.250.186.162 15169 (GOOGLE)
3 4 35.227.248.159 15169 (GOOGLE)
3 5 3.33.220.150 16509 (AMAZON-02)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 34.255.158.76 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.103 24961 (MYLOC-AS ...)
2 2 52.19.22.209 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.158.20.100 16509 (AMAZON-02)
2 54.76.155.32 16509 (AMAZON-02)
3 4 151.101.2.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 3.216.55.148 14618 (AMAZON-AES)
1 2 52.95.115.196 16509 (AMAZON-02)
1 104.89.42.102 16625 (AKAMAI-AS)
1 1 52.211.48.215 16509 (AMAZON-02)
1 2 209.54.176.128 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 54.175.36.162 14618 (AMAZON-AES)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 18.64.79.126 16509 (AMAZON-02)
1 212.129.3.113 12876 (Online SAS)
1 1 62.209.227.211 13036 (TMOBILE-)
1 69.173.144.165 26667 (RUBICONPR...)
1 4 188.132.147.227 42910 (PREMIERDC...)
1 35.244.174.68 15169 (GOOGLE)
2 2 185.29.134.244 30419 (MEDIAMATH...)
3 3 8.39.36.141 26667 (RUBICONPR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 1 185.33.221.186 29990 (ASN-APPNEX)
2 2 72.251.244.141 29791 (VOXEL-DOT...)
1 1 204.62.13.72 46636 (NATCOWEB)
3 3 18.157.252.145 16509 (AMAZON-02)
368 100
125    2606:4700:10::6816:354c (United States)

ASN13335 (CLOUDFLARENET, US)
wegotthiscovered.com
8    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
19    63.250.56.119 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
3    2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
2    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    13.225.80.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-90.fra2.r.cloudfront.net
sb.scorecardresearch.com
1    18.66.248.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-93.dus51.r.cloudfront.net
certify-js.alexametrics.com
4    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    35.190.39.246 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 246.39.190.35.bc.googleusercontent.com
superficialeyes.com
1    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
terrifictooth.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
1    2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    108.157.4.127 (United States)

ASN16509 (AMAZON-02, US)
certify.alexametrics.com
1    18.217.60.34 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-60-34.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    34.120.157.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 206.157.120.34.bc.googleusercontent.com
spc.wegotthiscovered.com
1    2600:9000:20eb:3200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
1    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
5    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    35.164.52.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-52-163.us-west-2.compute.amazonaws.com
usync.proper.io
5    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    141.95.3.10 (France)

ASN16276 (OVH, FR)
PTR: p31.id5-sync.com
id5-sync.com
1    44.239.145.70 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-145-70.us-west-2.compute.amazonaws.com
id.sharedid.org
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    44.225.168.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-168-153.us-west-2.compute.amazonaws.com
bids.proper.io
1    2600:9000:20eb:c400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    13.224.197.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-4.fra2.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
propermedia-d.openx.net
primis-d.openx.net
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
1    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
9    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    13.225.80.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-81.fra2.r.cloudfront.net
sync.intentiq.com
5    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
7    185.167.96.10 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
video.primis.tech
1    18.184.69.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-69-62.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    35.174.217.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-217-176.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
1    185.255.84.150 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    35.156.230.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    2602:803:c001::200:144 (San Jose, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
6    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    35.158.184.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-184-159.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    18.159.145.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-145-91.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
1    52.50.61.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-61-155.eu-west-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
dmp.adform.net
track.adform.net
10    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.console.adtarget.com.tr
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
5    46.249.52.249 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
3    2600:9000:20eb:4400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
2    185.93.1.242 (United States)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-463.bunnyinfra.net
cdn.admatic.com.tr
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    108.157.4.92 (United States)

ASN16509 (AMAZON-02, US)
ats.rlcdn.com
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    3.213.248.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-248-174.compute-1.amazonaws.com
a.audrte.com
2    5.178.65.252 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
3    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
16    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    13.225.80.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-9.fra2.r.cloudfront.net
geo.privacymanager.io
13    18.196.233.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
ih.adscale.de
9    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f16:e61:3f00:3e0:6686:45e9:a16e (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:c5b2:6467:3d71:6a2f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    34.255.158.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-158-76.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.103 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
2    52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.158.20.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-20-100.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    54.76.155.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    3.216.55.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-55-148.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.89.42.102 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.211.48.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-48-215.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    54.175.36.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-36-162.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    2620:116:800b:21:ea23:7677:128a:8c9c (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
1    18.64.79.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-126.txl50.r.cloudfront.net
tags.crwdcntrl.net
1    212.129.3.113 (Lignieres-Sonneville, France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-113.rev.poneytelecom.eu
js.cookieless-data.com
1    62.209.227.211 (Prague, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid2.ibillboard.com
bbnaut.ibillboard.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
4    188.132.147.227 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-227-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a05:d018:d29:3602:5ce0:1e2e:863d:4da1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    185.33.221.186 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 878.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
adscale-emea.adnxs.com
2    72.251.244.141 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-02.ams2.m6r.eu
tracking.m6r.eu
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
3    18.157.252.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-252-145.eu-central-1.compute.amazonaws.com
pixel.advertising.com
Apex Domain
Subdomains		 Transfer
129 wegotthiscovered.com
wegotthiscovered.com — Cisco Umbrella Rank: 78378
spc.wegotthiscovered.com — Cisco Umbrella Rank: 166907
2 MB
26 primis.tech
live.primis.tech — Cisco Umbrella Rank: 3190
video.primis.tech — Cisco Umbrella Rank: 6710
509 KB
16 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
5 KB
16 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7427
ih.adscale.de — Cisco Umbrella Rank: 3772
17 KB
16 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1121
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2741
token.rubiconproject.com — Cisco Umbrella Rank: 689
27 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
153 KB
11 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 6241
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 6623
5 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
htlb.casalemedia.com — Cisco Umbrella Rank: 461
ssum.casalemedia.com — Cisco Umbrella Rank: 1337
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
10 KB
10 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1565
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
83 KB
8 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3752
u-ams02.e-planning.net — Cisco Umbrella Rank: 59486
s.e-planning.net — Cisco Umbrella Rank: 6371
i.e-planning.net — Cisco Umbrella Rank: 6375
4 KB
8 gstatic.com
fonts.gstatic.com
146 KB
7 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 404
ib.adnxs.com — Cisco Umbrella Rank: 241
adscale-emea.adnxs.com — Cisco Umbrella Rank: 19094
5 KB
7 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
hbopenbid.pubmatic.com Failed
image6.pubmatic.com — Cisco Umbrella Rank: 595
22 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1023
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
4 KB
6 admatic.com.tr
cdn.admatic.com.tr — Cisco Umbrella Rank: 9839
ads3.admatic.com.tr — Cisco Umbrella Rank: 10680
ads4.admatic.com.tr — Cisco Umbrella Rank: 20051
22 KB
6 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1648
1 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3146
r.skimresources.com — Cisco Umbrella Rank: 2912
t.skimresources.com — Cisco Umbrella Rank: 3079
p.skimresources.com — Cisco Umbrella Rank: 4283
20 KB
6 superficialeyes.com
superficialeyes.com — Cisco Umbrella Rank: 88590
210 KB
6 proper.io
global.proper.io — Cisco Umbrella Rank: 10835
usync.proper.io — Cisco Umbrella Rank: 5238
bids.proper.io — Cisco Umbrella Rank: 11632
eb.proper.io — Cisco Umbrella Rank: 12830
116 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
2 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 710
propermedia-d.openx.net — Cisco Umbrella Rank: 13378
primis-d.openx.net — Cisco Umbrella Rank: 12817
rtb.openx.net — Cisco Umbrella Rank: 1548
1 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
3 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
2 KB
4 adform.net
cm.adform.net — Cisco Umbrella Rank: 1786
dmp.adform.net — Cisco Umbrella Rank: 2434
track.adform.net — Cisco Umbrella Rank: 3933
1 KB
4 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1127
pixel.advertising.com — Cisco Umbrella Rank: 327
1 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1349
465 B
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
196 KB
3 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1240
sync.mathtag.com — Cisco Umbrella Rank: 421
2 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 408
usermatch.krxd.net — Cisco Umbrella Rank: 1214
934 B
3 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
tags.crwdcntrl.net — Cisco Umbrella Rank: 2221
13 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438
85 KB
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2070
744 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
tlx.3lift.com — Cisco Umbrella Rank: 600
3 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 483
search.spotxchange.com — Cisco Umbrella Rank: 405
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
2 KB
3 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 812
ats.rlcdn.com — Cisco Umbrella Rank: 1554
id.rlcdn.com — Cisco Umbrella Rank: 738
38 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 138
2 KB
2 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 12770
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27256
672 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1197
791 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 698
721 B
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
dis.criteo.com — Cisco Umbrella Rank: 691
873 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
cdn.id5-sync.com — Cisco Umbrella Rank: 1872
11 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 816
ap.lijit.com — Cisco Umbrella Rank: 690
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
386 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1019
pixel.quantserve.com — Cisco Umbrella Rank: 424
10 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
6 KB
2 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 6427
certify.alexametrics.com — Cisco Umbrella Rank: 3682
3 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 881
2 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
153 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2627
582 B
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 20532
550 B
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 5866
535 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1483
382 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2733
187 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 193308
214 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 466
225 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 442
381 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 20022
335 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
596 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7892
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 11738
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 570
161 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1747
593 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
814 B
1 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3719
2 KB
1 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3536
288 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1699
936 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1799
162 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4305
745 B
1 mantisadnetwork.com
mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 11970
344 B
1 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1542
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1175
243 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 898
2 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 4825
217 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 533
481 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1366
5 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 324
16 KB
1 terrifictooth.com
terrifictooth.com
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
0 bemail.it Failed
bn01.er.bemail.it Failed
368 85
Domain Requested by
125 wegotthiscovered.com wegotthiscovered.com
19 live.primis.tech 1 redirects wegotthiscovered.com
live.primis.tech
13 mwzeom.zeotap.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
10 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
ads.us.e-planning.net
9 cm.g.doubleclick.net 5 redirects spl.zeotap.com
ssum.casalemedia.com
ads.us.e-planning.net
8 fonts.gstatic.com wegotthiscovered.com
fonts.googleapis.com
7 video.primis.tech wegotthiscovered.com
6 ssc.33across.com global.proper.io
6 c.amazon-adsystem.com live.primis.tech
global.proper.io
c.amazon-adsystem.com
6 superficialeyes.com wegotthiscovered.com
superficialeyes.com
5 match.adsrvr.org 3 redirects ssum.casalemedia.com
ads.us.e-planning.net
5 pixel.rubiconproject.com wegotthiscovered.com
ads.us.e-planning.net
5 ups.analytics.yahoo.com 3 redirects wegotthiscovered.com
5 x.bidswitch.net 4 redirects wegotthiscovered.com
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
4 sync-tm.everesttech.net 3 redirects wegotthiscovered.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
live.primis.tech
4 btlr.sharethrough.com global.proper.io
4 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
ads.us.e-planning.net
4 spc.wegotthiscovered.com wegotthiscovered.com
4 connect.facebook.net wegotthiscovered.com
connect.facebook.net
3 pixel.advertising.com 3 redirects
3 token.rubiconproject.com 3 redirects
3 ads3.admatic.com.tr cdn.admatic.com.tr
s.console.adtarget.com.tr
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
3 ib.adnxs.com 1 redirects global.proper.io
spl.zeotap.com
3 secure.adnxs.com 2 redirects ssum.casalemedia.com
3 fonts.googleapis.com wegotthiscovered.com
live.primis.tech
superficialeyes.com
3 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
wegotthiscovered.com
3 sb.scorecardresearch.com 1 redirects wegotthiscovered.com
2 tracking.m6r.eu 2 redirects
2 sync.mathtag.com 2 redirects
2 track.adform.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 bcp.crwdcntrl.net 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 s.e-planning.net ads.us.e-planning.net
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 creativecdn.com 2 redirects
2 eb2.3lift.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 u.openx.net live.primis.tech
2 sync.search.spotxchange.com 2 redirects
2 usync.proper.io wegotthiscovered.com
2 www.facebook.com wegotthiscovered.com
2 p.skimresources.com wegotthiscovered.com
2 t.skimresources.com wegotthiscovered.com
s.skimresources.com
2 cdnjs.cloudflare.com wegotthiscovered.com
2 unpkg.com 1 redirects wegotthiscovered.com
2 global.proper.io wegotthiscovered.com
global.proper.io
2 pagead2.googlesyndication.com wegotthiscovered.com
pagead2.googlesyndication.com
1 ads4.admatic.com.tr 1 redirects
1 inv-nets.admixer.net 1 redirects
1 adscale-emea.adnxs.com 1 redirects
1 dis.criteo.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 id.rlcdn.com ads.us.e-planning.net
1 pixel-eu.rubiconproject.com ads.us.e-planning.net
1 bbnaut.ibillboard.com 1 redirects
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 eb.proper.io global.proper.io
1 pixel.quantserve.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 dsum.casalemedia.com ssum.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 geo.privacymanager.io ats.rlcdn.com
1 onetag-sys.com ads.us.e-planning.net
1 i.e-planning.net ads.us.e-planning.net
1 secure-assets.rubiconproject.com 1 redirects
1 a.audrte.com ads.us.e-planning.net
1 rtb.openx.net ads.us.e-planning.net
1 pixel.sitescout.com 1 redirects
1 cdn.id5-sync.com wegotthiscovered.com
1 ats.rlcdn.com wegotthiscovered.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cm.adform.net s.console.adtarget.com.tr
1 search.spotxchange.com live.primis.tech
1 prebid-server.rubiconproject.com live.primis.tech
1 primis-d.openx.net live.primis.tech
1 ads.adaptv.advertising.com live.primis.tech
1 propermedia-d.openx.net global.proper.io
1 ap.lijit.com global.proper.io
1 bidder.criteo.com global.proper.io
1 apex.go.sonobi.com global.proper.io
1 fastlane.rubiconproject.com global.proper.io
1 hb.emxdgt.com global.proper.io
1 htlb.casalemedia.com global.proper.io
1 hb-api.omnitagjs.com global.proper.io
1 mantodea.mantisadnetwork.com global.proper.io
1 tlx.3lift.com global.proper.io
1 sync.intentiq.com wegotthiscovered.com
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr live.primis.tech
1 rules.quantcount.com secure.quantserve.com
1 bids.proper.io global.proper.io
1 api.rlcdn.com global.proper.io
1 id.sharedid.org global.proper.io
1 id5-sync.com global.proper.io
1 ce.lijit.com global.proper.io
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 static.adsafeprotected.com wegotthiscovered.com
1 secure.quantserve.com global.proper.io
1 r.skimresources.com s.skimresources.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com wegotthiscovered.com
1 certify.alexametrics.com wegotthiscovered.com
1 static.cloudflareinsights.com wegotthiscovered.com
1 s.skimresources.com wegotthiscovered.com
1 cdn.ampproject.org wegotthiscovered.com
1 terrifictooth.com wegotthiscovered.com
1 certify-js.alexametrics.com wegotthiscovered.com
1 www.googletagmanager.com wegotthiscovered.com
0 bn01.er.bemail.it Failed spl.zeotap.com
0 hbopenbid.pubmatic.com Failed global.proper.io
live.primis.tech
368 140

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
instagram.com
getadmiral.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-09 -
2022-02-07		 3 months crt.sh
superficialeyes.com
R3		 2022-01-01 -
2022-04-01		 3 months crt.sh
terrifictooth.com
R3		 2022-01-02 -
2022-04-02		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
spc.bestgamingsettings.com
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-02-09		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-01-28 -
2022-04-28		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
cdn.admatic.com.tr
R3		 2022-01-06 -
2022-04-06		 3 months crt.sh
cdn.id5-sync.com
R3		 2021-11-24 -
2022-02-22		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.cookieless-data.com
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
ads4.admatic.com.tr
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh

This page contains 31 frames:

Primary Page: https://wegotthiscovered.com/
Frame ID: 6432B7431EF8BFC5C782BE3232DC8C37
Requests: 230 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108034&playerApiId=primisPlayer&cbuster=1643602603&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Frame ID: 2DF902A002CAB5735DFCE270C308B386
Requests: 27 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5835370752829601
Frame ID: 4C49BBF28E8FB55CB0E4D7B10AA89C20
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: C7F46070D3FAF316C979DCA007182AE9
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: C252891405BA8EB1812D43E2541FE0DC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: AE30F1A965F00672C42A643390CC0A2A
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=94&advUuid=9920e64d-824c-11ec-8163-14bc9e680406
Frame ID: 2300ACE73E65134957D789E146AC8F2B
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 925E2A3D07A118552E4A8358578A5B5E
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 3C4602D1B4275AD28D62CC787958C9DD
Requests: 3 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: FFF77FEF9BD42B9877FBF2C41485B2FE
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 690B950BBA10CBB252236A6086F27684
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: 7BEF7DC2B44120A1F69EBB2FBCB76910
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: 3E36E6609A99785DF70734467F1070DC
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cjYWb9F5crrn6YLC1eJ5&pi=admatic&tc=1
Frame ID: 7FEC101014B825010CE3DE5B7432DBB7
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 30EF75C8C25039F7E677BAA8FFC8036E
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 0A9E9C6D9E6BD90157DC7D21096774BB
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 6ADEF94A33171FBBA8B717A4D8CA77CB
Requests: 5 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 87D7A06DE6136F7272ECBAA019497145
Requests: 6 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Frame ID: 5066E00E1E36B01675CE74D37449B8DF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 37B2D409B5EF44A73252DD7A5B52BC8F
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc9d114716353b24f%26uid%3D
Frame ID: 883C389D6249DEC094A672C266D0EEEF
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9d114716353b24f%26uid%3D
Frame ID: 2095650C6344FE7771B323F8F7020BAB
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: FF967D62EEBBF48FFF291A2F8DD23745
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 9B3FC9AED9F8091A07FED637DFC39B35
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361&cmp=0
Frame ID: 489B3A2E02241E47A20D1DA772A762D9
Requests: 30 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 0B1A3806E1FE7EE3E5330CEE96062E2F
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AMSnymj41j5pYSlt
Frame ID: 5F40B9A9AB204AE3ECA38BEAF4BBDBC7
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 9F6870D1EDB3A9CB479AD630C4ED8D1C
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 8048C75FF8534DC14D58903757F76A24
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 46C12AA40379C6A82172377B5D049C57
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: DC6EB4D622C218935D04885B5C33CB60
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Movie News, Gaming News, Blu-Ray News, Music News, and TV News | We Got This CoveredArrow Left #1 IconArrow right #1 Iconuser-signalchecklistsettings-toggle-horizontal

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

368
Requests

86 %
HTTPS

23 %
IPv6

85
Domains

140
Subdomains

100
IPs

11
Countries

3585 kB
Transfer

8204 kB
Size

102
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Request Chain 140
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035334&ns__t=1643602603232&ns_c=UTF-8&cv=3.5&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035334&ns__t=1643602603232&ns_c=UTF-8&cv=3.5&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c9=
Request Chain 174
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D9b9bc193-1923-4c21-97db-f1da9d94784e%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_privacy=1---&callback=window.proper_c58f4de2_cd58d9d5_2 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D9b9bc193-1923-4c21-97db-f1da9d94784e%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_privacy=1---&callback=window.proper_c58f4de2_cd58d9d5_2 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=9b9bc193-1923-4c21-97db-f1da9d94784e&uid=98feba6e-fa9a-4b43-8ef1-a31684266eb6
Request Chain 175
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4d4deff9_632f52a1_3 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4d4deff9_632f52a1_3&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZdOZOVFE2uEIKL7XQmQnmb3xZMP34Ohl~A
Request Chain 187
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=9920e6bc-824c-11ec-8163-14bc9e680406 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=94&advUuid=9920e64d-824c-11ec-8163-14bc9e680406
Request Chain 193
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=93&advUuid=b6a95ae7-c7e2-4756-8d5b-66841e67ee12
Request Chain 194
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=99&advUuid=YfdiqxOUss2MGpDOxESJyAAABHMAAAAB
Request Chain 195
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D2332745991239148496250&advId=121&advUuid=2332745991239148496250 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2332745991239148496250
Request Chain 197
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61f762ab3fa2c%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=105&advUuid=1404262804935752776
Request Chain 253
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cjYWb9F5crrn6YLC1eJ5&pi=admatic&tc=1
Request Chain 254
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 266
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dc9d114716353b24f HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=c9d114716353b24f
Request Chain 270
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dc9d114716353b24f HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 271
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc9d114716353b24f%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c9d114716353b24f&uid=1404262804935752776
Request Chain 272
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 280
  • https://ih.adscale.de/uu?cbfn=receive&t=1643602604 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1643602604&nut&uu=a29fef31fb034b0ebb50a3ecac259eed
Request Chain 283
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=1ddb5243-cc4b-474c-ab99-1b8c4c56598c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Request Chain 285
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=43d1e780-f893-4604-a520-ff205777493f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Request Chain 289
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=9f8349d5-d8cd-4274-a802-1ef3c226383a&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 290
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=0d52aa8b-c114-40a9-4378-3f68326fd8ef&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=0d52aa8b-c114-40a9-4378-3f68326fd8ef&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=43224408320907221813653725664438693181&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Request Chain 293
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7059219431804303511&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Request Chain 294
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=0d52aa8b-c114-40a9-4378-3f68326fd8ef HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0d52aa8b-c114-40a9-4378-3f68326fd8ef
Request Chain 295
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0d52aa8b-c114-40a9-4378-3f68326fd8ef&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0d52aa8b-c114-40a9-4378-3f68326fd8ef&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361&bounce=1&random=2027629808 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=t/uuP27xiZW3L.7FvZ.QMe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Request Chain 297
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=0d52aa8b-c114-40a9-4378-3f68326fd8ef?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=0d52aa8b-c114-40a9-4378-3f68326fd8ef?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=5a9089010ef95d7e43f056632fda53d1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Request Chain 298
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-qd.I7glE2ooLIZS7MluA7DZg5MD8GZZI_A--~A&zpartnerid=570&env=mWeb
Request Chain 299
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=A6Vgz1bOeKmymLb99cflEQyxQ%2FQhXUwT%2BS41iYitP1U%3D
Request Chain 302
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361&_test=YfdirAACmS-prwBB HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfdirAACmS-prwBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361&_test=YfdirAACmS-prwBB
Request Chain 303
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Request Chain 304
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OokKdoM4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=0d52aa8b-c114-40a9-4378-3f68326fd8ef
Request Chain 305
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0d52aa8b-c114-40a9-4378-3f68326fd8ef&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0d52aa8b-c114-40a9-4378-3f68326fd8ef&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361&dcc=t
Request Chain 307
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Request Chain 311
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfdiqxOUss2MGpDOxESJyAAABHMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfdiqxOUss2MGpDOxESJyAAABHMAAAAB&dcc=t
Request Chain 313
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfdiqxOUss2MGpDOxESJyAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YfdiqxOUss2MGpDOxESJyAAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMLrjFdiCjrYPgblsjas0b0&google_cver=1&gdpr=1
Request Chain 315
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643689004&gdpr=1
Request Chain 316
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a2305f4b-2b6e-4475-a6a8-6d08380d48d3&expiration=1675138604
Request Chain 317
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_cNUgP3AU9TmkAOH8ssf1K2WB4TmwgqFqsWKFhXj
Request Chain 337
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=a29fef31fb034b0ebb50a3ecac259eed&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=101&tpuid=BBID-01-03183166047919736-16513560
Request Chain 340
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=92331eaac5d6ab4ec5995d4431a19bf04aecbb2106929851a952e45f5b56fbca&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YfdiqxOUss2MGpDOxESJyAAA%261139
Request Chain 341
  • https://track.adform.net/serving/cookie/match/?party=9&uid=ffb3344fd28876ce85c4fafa25c229e336c420335ae85259a92ee358f3338841&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=ffb3344fd28876ce85c4fafa25c229e336c420335ae85259a92ee358f3338841&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=42&gdpr=0&tpuid=1693832102025013925
Request Chain 343
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&expires=28
Request Chain 344
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfdirAACmS-prwBB&us_privacy=1---
Request Chain 346
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7MX5qHsJ2Bn6OFwTRIZWBQ?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7578564428221389362
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_CNm2yMh7ecu1HURrAAcg&google_cver=1
Request Chain 348
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjJiMjZjNjE0ODUwZDkyNDVlOTNmOTBkOWZlMTlmOTI2YjM5OTI4Ng&us_privacy=1---
Request Chain 349
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyNkpZNDEtVi1MTzVX&us_privacy=1---
Request Chain 350
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=5181d635ca240e7c1631e87500761cd8c6b1bca4a3851feb7f78d2376b54bdc4&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=616c3d3a-fff4-435c-8d1b-c7b0ee43c563&gdpr=0
Request Chain 351
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=558d9aa73fab9b5845ecd9eb3bd4c4d52dfa90ee6432b2fe58d57196f4113aad&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&gdpr=0&gdpr_consent=
Request Chain 352
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=252497aa8e8eb93c514c6fa38a31a27772bfe310820c0f8e527f30bdec7aff5f&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?uid=252497aa8e8eb93c514c6fa38a31a27772bfe310820c0f8e527f30bdec7aff5f&tpid=38&gdpr=0&tpuid=CAESEFvHlS98sMvUIbcB0z9x4SU&google_cver=1
Request Chain 353
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=75&tpuid=1404262804935752776&gdpr=0
Request Chain 354
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=6d3311258ee7ff6e693433b25496e3c1036c6392d035873b6789b35071b6a0f2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=6d3311258ee7ff6e693433b25496e3c1036c6392d035873b6789b35071b6a0f2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/js?tpid=48&tpuid=2995162ffdc4ff231fcff14d228a2774
Request Chain 358
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%3D98feba6e-fa9a-4b43-8ef1-a31684266eb6%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=43f56ff5fd7a430ebe2f8754e9d71390&ssp=admatic&bsw_param=98feba6e-fa9a-4b43-8ef1-a31684266eb6&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=98feba6e-fa9a-4b43-8ef1-a31684266eb6&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=98feba6e-fa9a-4b43-8ef1-a31684266eb6&dsp_uuid=&dsp_id=
Request Chain 362
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP9b7e8cb8-824c-11ec-b84c-0259bd26e26e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA5YjdlOGNiOC04MjRjLTExZWMtYjg0Yy0wMjU5YmQyNmUyNmU%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEI1AGike1vydGFczOBbtJU0&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEI1AGike1vydGFczOBbtJU0&google_cver=1&apid=UP9b7e8cb8-824c-11ec-b84c-0259bd26e26e
Request Chain 363
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=43d1e780-f893-4604-a520-ff205777493f&_origin=1&gdpr=1&gdpr_consent=

368 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wegotthiscovered.com/ 		145 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33e426fb1bd1864754df8a2d9ae1776d139e65ab6e7365887961c11bb774569

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-type
text/html; charset=UTF-8
cf-ray
6d6020485a966957-FRA
link
<https://wegotthiscovered.com/wp-json/>; rel="https://api.w.org/", </wp-includes/css/dist/block-library/style.min.css?ver=5.8.3>; rel=preload; as=style, </wp-content/plugins/dotesports-gutenberg-blocks/build/style-index.css?ver=1641880874>; rel=preload; as=style, </wp-content/plugins/face3-wgtc-gallery/frontend/css/styles.css?ver=3>; rel=preload; as=style, </wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.4.2>; rel=preload; as=style, </wp-content/themes/wegotthiscovered-wordpress-theme/style.css?ver=19>; rel=preload; as=style, </wp-content/themes/wegotthiscovered-wordpress-theme/responsive.css?ver=6>; rel=preload; as=style, </wp-content/themes/wegotthiscovered-wordpress-theme/update.css?ver=1>; rel=preload; as=style, </wp-content/themes/wegotthiscovered-wordpress-theme/icons/wgtc-icons.css?ver=20210809>; rel=preload; as=style, </wp-content/themes/wegotthiscovered-wordpress-theme/css/ml-social-buttons-colorful.css?ver=5.8.3>; rel=preload; as=style, </wp-content/themes/wegotthiscovered-wordpress-theme/font/font.css?ver=4.0.17>; rel=preload; as=style, </wp-includes/js/jquery/jquery.min.js?ver=3.6.0>; rel=preload; as=script, </wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>; rel=preload; as=script, </wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.4.2>; rel=preload; as=script, </wp-includes/js/imagesloaded.min.js?ver=4.1.4>; rel=preload; as=script, </wp-content/plugins/face3-infinite-scroll-plugin/inc/libs/jquery-ias.js?ver=1.0.0>; rel=preload; as=script, </wp-content/plugins/face3-infinite-scroll-plugin/inc/js/face3-infinite-scroll.functions.js?ver=1.0.0>; rel=preload; as=script, </wp-content/plugins/face3-wgtc-gallery/frontend/js/jquery.zoom.min.js?ver=1.7.18>; rel=preload; as=script, </wp-content/plugins/face3-wgtc-gallery/frontend/js/wgtc-gallery.js?ver=3>; rel=preload; as=script, </wp-content/themes/wegotthiscovered-wordpress-theme/js/wgtc-gallery.js?ver=0.1.8>; rel=preload; as=script, </wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery.ba-hashchange.min.js?ver=1.3>; rel=preload; as=script, </wp-includes/js/wp-embed.min.js?ver=5.8.3>; rel=preload; as=script
vary
Accept-Encoding, Accept-Encoding
cf-cache-status
BYPASS
cf-apo-via
origin,no-cache
cf-edge-cache
cache,platform=wordpress
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed
</wp-includes/css/dist/block-library/style.min.css?ver=5.8.3>,</wp-content/plugins/dotesports-gutenberg-blocks/build/style-index.css?ver=1641880874>,</wp-content/plugins/face3-wgtc-gallery/frontend/css/styles.css?ver=3>,</wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.4.2>,</wp-content/themes/wegotthiscovered-wordpress-theme/style.css?ver=19>,</wp-content/themes/wegotthiscovered-wordpress-theme/responsive.css?ver=6>,</wp-content/themes/wegotthiscovered-wordpress-theme/update.css?ver=1>,</wp-content/themes/wegotthiscovered-wordpress-theme/icons/wgtc-icons.css?ver=20210809>,</wp-content/themes/wegotthiscovered-wordpress-theme/css/ml-social-buttons-colorful.css?ver=5.8.3>,</wp-content/themes/wegotthiscovered-wordpress-theme/font/font.css?ver=4.0.17>,</wp-includes/js/jquery/jquery.min.js?ver=3.6.0>,</wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>,</wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.4.2>,</wp-includes/js/imagesloaded.min.js?ver=4.1.4>,</wp-content/plugins/face3-infinite-scroll-plugin/inc/libs/jquery-ias.js?ver=1.0.0>,</wp-content/plugins/face3-infinite-scroll-plugin/inc/js/face3-infinite-scroll.functions.js?ver=1.0.0>,</wp-content/plugins/face3-wgtc-gallery/frontend/js/jquery.zoom.min.js?ver=1.7.18>,</wp-content/plugins/face3-wgtc-gallery/frontend/js/wgtc-gallery.js?ver=3>,</wp-content/themes/wegotthiscovered-wordpress-theme/js/wgtc-gallery.js?ver=0.1.8>,</wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery.ba-hashchange.min.js?ver=1.3>,</wp-includes/js/wp-embed.min.js?ver=5.8.3>
style.min.css
wegotthiscovered.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:31:32 GMT
server
cloudflare
age
2935
etag
W/"615c53b4-13abe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
6d60204d49496957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style-index.css
wegotthiscovered.com/wp-content/plugins/dotesports-gutenberg-blocks/build/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/dotesports-gutenberg-blocks/build/style-index.css?ver=1641880874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d409d40452e89d9d370724999a883b2c61e2a38756d16399f5a42b17ffebe74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 06:01:14 GMT
server
cloudflare
age
2935
etag
W/"61dd1d2a-165a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=5722
cf-ray
6d60204d494a6957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
styles.css
wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/css/styles.css?ver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33277ffb1c537988994e15918695f168d9b7ee59d5866f132731d3f5dfa35068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jan 2022 00:25:52 GMT
server
cloudflare
age
2935
etag
W/"61db7d10-2b9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=11163
cf-ray
6d60204d494b6957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
wpp.css
wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 		391 B
309 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544655deb2ee0c64031ce29769c557f467a81dc635a70f19f348869a224fd8a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 01:49:33 GMT
server
cloudflare
age
2935
etag
W/"6141512d-631"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=1585
cf-ray
6d60204d494c6957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
style.css
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/ 		95 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/style.css?ver=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb4cb554efd808c5f0ab1a06394d70e8ee1f47934ebc82bfe6cb946abd27456

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Jan 2022 20:57:52 GMT
server
cloudflare
age
2381
etag
W/"61ef12d0-17deb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
status=cannot_optimize
cf-ray
6d60204d494d6957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
responsive.css
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/responsive.css?ver=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37af83b7b3447b5e7b839c6406cbb743d9258ce5a11e65ad03381efd9cad1a71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 01:21:14 GMT
server
cloudflare
age
2935
etag
W/"616f6f0a-a0f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=41205
cf-ray
6d60204d49506957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
update.css
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/ 		1 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/update.css?ver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa87ccf3a1419b793e70ac232b54165a20b868b04b90d91a61184f9c6e25d1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Aug 2021 02:37:50 GMT
server
cloudflare
age
2935
etag
W/"612d95fe-617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=1559
cf-ray
6d60204d49516957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
wgtc-icons.css
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/icons/ 		1 KB
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/icons/wgtc-icons.css?ver=20210809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4f27ebb0f237a1ae53cfeffa54619fb1c003abd679afb6660ce76e28cbedcad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Sep 2021 17:56:08 GMT
server
cloudflare
age
2935
etag
W/"6138f938-9cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=2507
cf-ray
6d60204d49556957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
ml-social-buttons-colorful.css
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/css/ 		35 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/css/ml-social-buttons-colorful.css?ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9fafd10b9c075cbd480ddbc7e48b43c24fb0d857277a5af1e967fefdca1c8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2935
etag
W/"60ed1d0e-9b82"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=39810
cf-ray
6d60204d49566957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
font.css
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/font/ 		441 B
285 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/font/font.css?ver=4.0.17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c5a777ae5f019ccfc137e41a5ba673f03c52e28538ff33ecd31be1e8741709e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2935
etag
W/"60ed1d0e-6a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=1702
cf-ray
6d60204d49586957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.min.js
wegotthiscovered.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:31:32 GMT
server
cloudflare
age
2935
etag
W/"615c53b4-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6d60204d49596957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
wegotthiscovered.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 15:17:14 GMT
server
cloudflare
age
2935
etag
W/"6050cbfa-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6d60204d495c6957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wpp.min.js
wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 01:49:33 GMT
server
cloudflare
age
2935
etag
W/"6141512d-bc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6d60204d495e6957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imagesloaded.min.js
wegotthiscovered.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 15:17:14 GMT
server
cloudflare
age
2935
etag
W/"6050cbfa-15fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6d60204d49606957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-ias.js
wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/libs/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/libs/jquery-ias.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cab7a2588ee09da94299ab1b8c38adacec9e8622e21c01c98e134d7910fa0b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Aug 2015 18:19:11 GMT
server
cloudflare
age
2935
etag
W/"55c4f69f-137f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6d60204d49616957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
face3-infinite-scroll.functions.js
wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/js/ 		586 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/js/face3-infinite-scroll.functions.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5b55ff805d5e4c854c5ab9a9bfe23335fa48df78b79e45334d792507d674d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Aug 2015 18:49:25 GMT
server
cloudflare
age
2935
etag
W/"55db6735-2ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=686
cf-ray
6d60204d49636957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.zoom.min.js
wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/jquery.zoom.min.js?ver=1.7.18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36888c04868ad973127198ca39debe974bd10d13871eeb44dd7931319d58c88b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2016 14:28:36 GMT
server
cloudflare
age
2935
etag
W/"57d2c714-a09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6d60204d49646957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wgtc-gallery.js
wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/wgtc-gallery.js?ver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb6dac496818e5be7cd90e371c56c47f61030000872520d6cadc7f345cd5e6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jan 2022 00:23:20 GMT
server
cloudflare
age
2935
etag
W/"61db7c78-2a24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=10788
cf-ray
6d60204d49656957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
wgtc-gallery.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/ 		2 KB
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/wgtc-gallery.js?ver=0.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db12238e10df0181b6a1a1d65f4b889a70fecfdaea11d7d166781fa0f15bfbab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2935
etag
W/"60ed1d0e-fb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=4018
cf-ray
6d60204d49686957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.ba-hashchange.min.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/ 		1 KB
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery.ba-hashchange.min.js?ver=1.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f83525f16ff835fe5758be6f531ecd5e4efdce465f5935de044f1625a8d0d7b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2935
etag
W/"60ed1d0e-5f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6d60204d49696957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-embed.min.js
wegotthiscovered.com/wp-includes/js/ 		1 KB
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 15:17:14 GMT
server
cloudflare
age
2935
etag
W/"6050cbfa-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6d60204d496a6957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:19:17 GMT
x-content-type-options
nosniff
age
554246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16256
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 18:19:17 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 04:23:18 GMT
x-content-type-options
nosniff
age
258805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14872
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 28 Jan 2023 04:23:18 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:22:41 GMT
x-content-type-options
nosniff
age
435242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14932
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 03:22:41 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:17:55 GMT
x-content-type-options
nosniff
age
554328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 18:17:55 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:32:43 GMT
x-content-type-options
nosniff
age
330240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 27 Jan 2023 08:32:43 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:19:10 GMT
x-content-type-options
nosniff
age
554253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24052
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:31:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 18:19:10 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6976beaefb000a67baa5c22d2602b8f53e3173b7485d74b57c06cc16a5e4f0d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36063
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jan 2022 04:16:43 GMT
ads-prebid-banner-proper-outbrain.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/ 		25 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/ads-prebid-banner-proper-outbrain.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Nov 2021 06:06:19 GMT
server
cloudflare
age
2815
etag
W/"61973edb-1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=27
cf-ray
6d60204d8bda8ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0884b6d1c70f2e1f952116f68dbffaa92e035bd4f427274b6ad3a0bc6fcf9a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51968
x-xss-protection
0
server
cafe
etag
7421405360983610607
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 04:16:43 GMT
logo.png
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/logo.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd295e68be50a02352f50a968b8d76e6ce5b2754171c6e1ae231e34d6e6e023

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
5243
cf-polished
origFmt=png, origSize=4277
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3710
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
etag
"60ed1d0e-10b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc108ff8-FRA
cf-bgj
imgq:100,h2pri
liveView.php
live.primis.tech/live/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108034&playerApiId=primisPlayer
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
d4746af6c8a8f2286cacff181a6c3212ed18b1f760dd5970e2222b8a03142bbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:42 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
ghostface-scream-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/ghostface-scream-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bcaaa5f6dfdbf78bf3bd8e03337e69a21c93be7553c38d8661071e93233d1e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 16:22:57 GMT
server
cloudflare
etag
"61ddaee1-7cc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=31944, status=webp_bigger
accept-ranges
bytes
cf-ray
6d60204dcc118ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30511
cf-bgj
imgq:100,h2pri
Tessa-Thompson-in-Men-in-Black-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2018/03/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/03/Tessa-Thompson-in-Men-in-Black-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54386238bbc5ed215eddc6624514a4bfdd0f23e0a744c5623bf7fb7f2078043c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
cf-polished
origFmt=jpeg, origSize=50876
content-disposition
inline; filename="Tessa-Thompson-in-Men-in-Black-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31992
last-modified
Wed, 21 Mar 2018 19:24:57 GMT
server
cloudflare
etag
"5ab2b189-c6bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc128ff8-FRA
cf-bgj
imgq:100,h2pri
spider-man-across-the-spider-verse-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2021/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/12/spider-man-across-the-spider-verse-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17bff9a76501cb050bb373f400ea5af25a80e074ecff1b773498f6c116d0b621

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=17447, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16964
last-modified
Sun, 05 Dec 2021 07:02:32 GMT
server
cloudflare
etag
"61ac6408-4427"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc138ff8-FRA
cf-bgj
imgq:100,h2pri
Getty-Alicia-Silverstone-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Getty-Alicia-Silverstone-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e82a81369f38985c7143378d5d5f883341d230023b2d03e4bb00b385f2f11d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
last-modified
Sun, 30 Jan 2022 20:42:28 GMT
server
cloudflare
etag
"61f6f834-67d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=26581, status=webp_bigger
accept-ranges
bytes
cf-ray
6d60204dcc148ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11474
cf-bgj
imgq:100,h2pri
image-117-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/10/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/10/image-117-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456841e521b201d7c7277fdfb34e9bdf1165f88358c161a3c0dfe3dae08d1343

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=8640, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8403
last-modified
Thu, 21 Oct 2021 17:04:04 GMT
server
cloudflare
etag
"61719d84-21c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc158ff8-FRA
cf-bgj
imgq:100,h2pri
image-65-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/image-65-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af981cdf669921489ca2e7ee8d7e170460a1e009537f67f502d56275c96a563

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6643
last-modified
Thu, 20 Jan 2022 08:03:49 GMT
server
cloudflare
etag
"61e91765-19f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc168ff8-FRA
cf-bgj
imgq:100,h2pri
the-batman-matt-reeves-image-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/the-batman-matt-reeves-image-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec984ba9dc2f2e8a6d2396f70bd2a10fbf3bdb47664da38de1ca4a35c13351f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=29465, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6737
last-modified
Wed, 26 Jan 2022 20:59:32 GMT
server
cloudflare
etag
"61f1b634-7319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc178ff8-FRA
cf-bgj
imgq:100,h2pri
image-103-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/image-103-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09643085894b7da6f7c6369f3adc5c3061d7c859d1726f21c6e8aab54fa56597

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=7769, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7751
last-modified
Sun, 30 Jan 2022 18:36:15 GMT
server
cloudflare
etag
"61f6da9f-1e59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc188ff8-FRA
cf-bgj
imgq:100,h2pri
andrew-garfield-the-amazing-spider-man-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/andrew-garfield-the-amazing-spider-man-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a83e327691344ca448f4fd93943fd453d69f8198bbce66952db75122bb6b3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=6713, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6618
last-modified
Tue, 04 Jan 2022 06:49:45 GMT
server
cloudflare
etag
"61d3ee09-1a39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc198ff8-FRA
cf-bgj
imgq:100,h2pri
IMG03271-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/IMG03271-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19df086d05dbfd2b75f0b8d4b7e7fee55bece71aae1b6f7127780625925310d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=67468, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7007
last-modified
Thu, 27 Jan 2022 09:40:52 GMT
server
cloudflare
etag
"61f268a4-1078c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc1b8ff8-FRA
cf-bgj
imgq:100,h2pri
image1-80-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/10/image1-80-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d385b1d4c86e8bf918eec196450c1bd47856cf7959ba87c4a53b5d96a01069aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=8538, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8302
last-modified
Sun, 24 Oct 2021 09:55:47 GMT
server
cloudflare
etag
"61752da3-215a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc1c8ff8-FRA
cf-bgj
imgq:100,h2pri
BELLE_Image05-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/BELLE_Image05-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d9bb230f9dab25bc5d06f6a5aaa57e8ae3fc18c4cbc50b87b7a3d13c6c0555

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=19470, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10674
last-modified
Fri, 14 Jan 2022 20:00:57 GMT
server
cloudflare
etag
"61e1d679-4c0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc1d8ff8-FRA
cf-bgj
imgq:100,h2pri
denzel-washington-tragedy-of-macbeth-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/denzel-washington-tragedy-of-macbeth-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e652a9b099ea15849ac82f3fc8a982375eaad197ffade13599b59a9ea76a8ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=14643, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4095
last-modified
Fri, 14 Jan 2022 15:23:26 GMT
server
cloudflare
etag
"61e1956e-3933"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc1e8ff8-FRA
cf-bgj
imgq:100,h2pri
image1-76-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/10/image1-76-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381a2338c226fa98684959645df87ade3f057d360e8f2ca62e29523c3befacd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=8810, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8776
last-modified
Thu, 21 Oct 2021 15:24:56 GMT
server
cloudflare
etag
"61718648-226a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc1f8ff8-FRA
cf-bgj
imgq:100,h2pri
image-58-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/12/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/12/image-58-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bbd4f73d0f5110efc6b9162aa0e51273682ba2489e27b2bc1b4e755cb56e1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=8440, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8403
last-modified
Mon, 20 Dec 2021 10:53:39 GMT
server
cloudflare
etag
"61c060b3-20f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc208ff8-FRA
cf-bgj
imgq:100,h2pri
halo-series-trailer-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2021/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/12/halo-series-trailer-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d41ab3ac71c57abaed45b576fc5ccb5c7bfce6a284dc9b6d0eb873b8fe4cf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=35341, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27687
last-modified
Fri, 10 Dec 2021 03:46:07 GMT
server
cloudflare
etag
"61b2cd7f-8a0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc218ff8-FRA
cf-bgj
imgq:100,h2pri
Hades_Wallpaper_01-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Hades_Wallpaper_01-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d329b37f313cef241a9917e721f9503ee793f22d9651a3685929151a09470d7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=11660, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11414
last-modified
Thu, 27 Jan 2022 22:03:46 GMT
server
cloudflare
etag
"61f316c2-2d8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc228ff8-FRA
cf-bgj
imgq:100,h2pri
mortal-kombat-writer-greg-russo-system-shock-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/mortal-kombat-writer-greg-russo-system-shock-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fca521e86e9f656e62beeca53056a6e38e00ba7a988e22feebb3e084b91ab164

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=34708, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17960
last-modified
Thu, 27 Jan 2022 17:55:05 GMT
server
cloudflare
etag
"61f2dc79-8794"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc248ff8-FRA
cf-bgj
imgq:100,h2pri
horizon-forbidden-west-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/08/horizon-forbidden-west-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e310e717fe37fcee6d5c142b0c57b4bc95daa4c26889958a07e7d8c18f0e8c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=10979, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10383
last-modified
Wed, 25 Aug 2021 20:23:51 GMT
server
cloudflare
etag
"6126a6d7-2ae3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc258ff8-FRA
cf-bgj
imgq:100,h2pri
ufc-4-ps4-playstation-4-1.original-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2020/10/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2020/10/ufc-4-ps4-playstation-4-1.original-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f3a9669a1c26eadf39025a3dc28dbf8699eeb1792778c5e9413a6cde98ffae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=12962, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12834
last-modified
Sun, 25 Oct 2020 15:32:30 GMT
server
cloudflare
etag
"5f959a8e-32a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc268ff8-FRA
cf-bgj
imgq:100,h2pri
Screen-Shot-2022-01-26-at-10.05.26-AM-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/01/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Screen-Shot-2022-01-26-at-10.05.26-AM-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b0cac4fcd4ca1dd8fb367d82883c88d6cba544ced1651a0aa498457da7e11d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=png, origSize=59904
content-disposition
inline; filename="Screen-Shot-2022-01-26-at-10.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37214
last-modified
Wed, 26 Jan 2022 15:06:12 GMT
server
cloudflare
etag
"61f16364-ea00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc278ff8-FRA
cf-bgj
imgq:100,h2pri
Huggy_Wuggy_TikTok-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Huggy_Wuggy_TikTok-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df18357d420a5824439135820319ef53e2d1dcca38d316e288b9def87b3dda3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8677
last-modified
Tue, 25 Jan 2022 19:08:22 GMT
server
cloudflare
etag
"61f04aa6-21e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc288ff8-FRA
cf-bgj
imgq:100,h2pri
159425671325881963-3-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2020/07/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2020/07/159425671325881963-3-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57e1516e53f21a9c1dd939cde9c84285ad575d8038696085503aac6f578353f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=15391, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15231
last-modified
Thu, 09 Jul 2020 13:53:21 GMT
server
cloudflare
etag
"5f072151-3c1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc298ff8-FRA
cf-bgj
imgq:100,h2pri
Cuphead-1280x720-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/04/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/04/Cuphead-1280x720-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b2afc6253c260074a5d28e3829df1190c2dd29935e2da120684db28d1fe99f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=33179
content-disposition
inline; filename="Cuphead-1280x720-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21144
last-modified
Wed, 17 Apr 2019 14:45:43 GMT
server
cloudflare
etag
"5cb73c17-819b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc2e8ff8-FRA
cf-bgj
imgq:100,h2pri
Uncharted-Legacy-of-Thieves-Collection-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Uncharted-Legacy-of-Thieves-Collection-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66a81e30fc3c535336c7a219f1920c457ed3cab72d006d831968daa35596655e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=12332, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4751
last-modified
Wed, 26 Jan 2022 03:34:59 GMT
server
cloudflare
etag
"61f0c163-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc2f8ff8-FRA
cf-bgj
imgq:100,h2pri
Rainbow-Six-Extraction-Artwork-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Rainbow-Six-Extraction-Artwork-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e669216314f013618bf978b08fea09f43de509466e7d0f0c683afbe32b3687d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=33476, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7146
last-modified
Mon, 24 Jan 2022 21:36:32 GMT
server
cloudflare
etag
"61ef1be0-82c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc308ff8-FRA
cf-bgj
imgq:100,h2pri
Monster-Hunter-Rise-PC-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Monster-Hunter-Rise-PC-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803ea1c3e7df23acae6897a2f854114ebf8a0600d3763aa4b5ec8f509d5643e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=7962, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7773
last-modified
Thu, 20 Jan 2022 19:59:52 GMT
server
cloudflare
etag
"61e9bf38-1f1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc318ff8-FRA
cf-bgj
imgq:100,h2pri
Solar-Ash-Screenshot-2-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/12/Solar-Ash-Screenshot-2-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2349a025739e069d57656f3b805dbdb5b48e79b45a5d24ac8b9ad2428041098

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=7115, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6924
last-modified
Tue, 14 Dec 2021 17:00:12 GMT
server
cloudflare
etag
"61b8cd9c-1bcb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc338ff8-FRA
cf-bgj
imgq:100,h2pri
Battlefield-2042-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/11/Battlefield-2042-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec673289b026009eb7fe75ca390e58cdf89eff767181aa647e9762c0e00a73b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=9660, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9180
last-modified
Mon, 22 Nov 2021 17:41:31 GMT
server
cloudflare
etag
"619bd64b-25bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc358ff8-FRA
cf-bgj
imgq:100,h2pri
Call-of-Duty-Vanguard-Artwork-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/11/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/11/Call-of-Duty-Vanguard-Artwork-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e8818dddf0efd01962338d5a7d7cf3c8c3709b639f95a0a1467bd7c5ce0a7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=6193, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6018
last-modified
Mon, 15 Nov 2021 19:19:40 GMT
server
cloudflare
etag
"6192b2cc-1831"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc378ff8-FRA
cf-bgj
imgq:100,h2pri
Priscilla-Renea-resized-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Priscilla-Renea-resized-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f18bae9ff9028823a99a8d790571206784ab612e567a40e6f8a3e6ed39dca26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=30151, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28657
last-modified
Sat, 29 Jan 2022 14:35:20 GMT
server
cloudflare
etag
"61f550a8-75c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc398ff8-FRA
cf-bgj
imgq:100,h2pri
tiktok-logo-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2021/12/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/12/tiktok-logo-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd537f45624df3c3158f86ad88df9cc91464bfd9bd498779c6f0237f7cfe8fda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=6151, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5598
last-modified
Wed, 29 Dec 2021 17:06:04 GMT
server
cloudflare
etag
"61cc957c-1807"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc3a8ff8-FRA
cf-bgj
imgq:100,h2pri
CleanTok-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/CleanTok-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a571975593e5f494e4c94a8b7e19a1b48541aeddd4f5ce030c990ebc19413a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=19763, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19232
last-modified
Wed, 26 Jan 2022 18:04:38 GMT
server
cloudflare
etag
"61f18d36-4d33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc3b8ff8-FRA
cf-bgj
imgq:100,h2pri
south-park_vaccination-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2021/02/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/02/south-park_vaccination-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d6c896afc276f6161881259e316f57752f770e95dcfa1252866a6959735746d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=11762, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11588
last-modified
Thu, 25 Feb 2021 21:12:53 GMT
server
cloudflare
etag
"603812d5-2df2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc3d8ff8-FRA
cf-bgj
imgq:100,h2pri
This-Preschool-Show-Was-Streamed-More-Than-Loki-On-Disney-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2021/08/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/08/This-Preschool-Show-Was-Streamed-More-Than-Loki-On-Disney-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45088d5307a8c526cf8bce9aae2967d79aa21b9f987ee896ed1a93f5a8b9e04f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=44837, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40236
last-modified
Tue, 10 Aug 2021 01:02:30 GMT
server
cloudflare
etag
"6111d026-af25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc3e8ff8-FRA
cf-bgj
imgq:100,h2pri
Screen-Shot-2022-01-26-at-10.05.26-AM-325x190.png
wegotthiscovered.com/wp-content/uploads/2022/01/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Screen-Shot-2022-01-26-at-10.05.26-AM-325x190.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107e8e208fe6196f15cc6fa732dca44a2a0cbe65062f3310a34ecfb362ffb600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=png, origSize=108953
content-disposition
inline; filename="Screen-Shot-2022-01-26-at-10.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66466
last-modified
Wed, 26 Jan 2022 15:06:12 GMT
server
cloudflare
etag
"61f16364-1a999"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc3f8ff8-FRA
cf-bgj
imgq:100,h2pri
walking-dead-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/walking-dead-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff396c67ce1d6ec51856128ac4db11395082f8f070a3e8e495d9bdcfe120a0e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=17375, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16532
last-modified
Fri, 14 Jan 2022 20:05:51 GMT
server
cloudflare
etag
"61e1d79f-43df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc408ff8-FRA
cf-bgj
imgq:100,h2pri
peacemaker-header-6-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/peacemaker-header-6-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
154c0138b534d04bd2d03c99bed790c5d1963d220b4e87c468e08996b42f89b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=9667, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9402
last-modified
Sun, 30 Jan 2022 18:28:03 GMT
server
cloudflare
etag
"61f6d8b3-25c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc418ff8-FRA
cf-bgj
imgq:100,h2pri
Getty-Kylie-Jenner-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Getty-Kylie-Jenner-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7fe30b7718dc0a682cf3431e839e7533d981890cfcc3e9b571b139ed431523b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=16760, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7578
last-modified
Sun, 30 Jan 2022 18:48:17 GMT
server
cloudflare
etag
"61f6dd71-4178"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc448ff8-FRA
cf-bgj
imgq:100,h2pri
John-Cena-as-Peacemaker-in-HBO-show-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/John-Cena-as-Peacemaker-in-HBO-show-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c429a69da80634af457e92b53bab4e8482055e1705fbbafc35f024009b673aff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=8109, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7992
last-modified
Thu, 27 Jan 2022 18:00:55 GMT
server
cloudflare
etag
"61f2ddd7-1fad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc468ff8-FRA
cf-bgj
imgq:100,h2pri
servant-season-3-cast-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/servant-season-3-cast-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be68b41604ef80c35c72104ef2ac793a9f22d4c7a01d53dedbc4325b07ed7a01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=19897, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7942
last-modified
Fri, 21 Jan 2022 20:02:30 GMT
server
cloudflare
etag
"61eb1156-4db9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc488ff8-FRA
cf-bgj
imgq:100,h2pri
wegotthiscovered.min.js
global.proper.io/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/wegotthiscovered.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a695a19b81a7ca98d82d7dfdd05916c268f1961c106944a22689f806e9d78f02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 22:18:20 GMT
server
cloudflare
age
453481
etag
W/"61f0772c-6ce1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6d60204df93d6993-FRA
expires
Mon, 31 Jan 2022 04:21:43 GMT
plow.lite.js
wegotthiscovered.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/plow.lite.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Jan 2022 02:22:01 GMT
server
cloudflare
age
2798
etag
W/"61df8cc9-97a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=38821
cf-ray
6d60204dcc498ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
web-vitals.iife.js
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
498869
fly-request-id
01FT89TJSS48R5JZ9BEGXXFJF8
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6d60204e2e77929f-FRA

Redirect headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FTQ5BJB83VF50GNZERKGSB74
server
cloudflare
age
234
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d60204dfe52929f-FRA
access-control-allow-origin
*
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-90.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:14:38 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
151
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
xLBkuVofYCA9GgzTOFEal5TkCknzI4zRoFRz_JJJFfZRwexACQBmVw==
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-93.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
24055757
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
9HDZtp_LUrDbhbEcM4jik1Rw9vTKVMExE1hGAok7Y5g5le6CQB4Sfg==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26237
x-xss-protection
0
pragma
public
x-fb-debug
bhGpGt6rfgrJdgc/ONKO/DLUDRDnCckhOA9R2B5pqNZR7R3b7NzawhsSwWF9khMqgF3JCiZBxBN1kzVqUiOXzQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 31 Jan 2022 04:16:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
superficialeyes.com/ 		517 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
68d5899d1f2d79c7679d41d0a8e6e45ee0d1c79dbffa5b8b650b70c61382642e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"194d1c69a74c0e3916fdacf76bbbf2e215e4368fbed660b3fe66bb40116724cc"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-c63t
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 31 Jan 2022 04:16:43 GMT
timing-allow-origin
*
v2jltJrHqG_ZP_OW2oPEQQcRZfkj9fqNRmQkea3mD7AYbCHJcxNiuERHPUOQvux6fk4xk5IkOGcpr5tMUUA
terrifictooth.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://terrifictooth.com/v2jltJrHqG_ZP_OW2oPEQQcRZfkj9fqNRmQkea3mD7AYbCHJcxNiuERHPUOQvux6fk4xk5IkOGcpr5tMUUA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
eb43b5025933b9759ba4b26c6426ebabc359676317b7df620acdd6ac03aff1fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
etag
"f3008e3631b5bb9ffc7c95fc7f11e67b03d03ef7d6621909e9d1eaf28f2916ee"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-c63t
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 31 Jan 2022 04:16:43 GMT
timing-allow-origin
*
station-eleven-hbo-max-himesh-patel-matilda-lawler-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/12/station-eleven-hbo-max-himesh-patel-matilda-lawler-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfbcaccdde25484081657fb53245eb8a92a626ee25308c9d27fd0c184a533bf4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=27367, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10808
last-modified
Mon, 27 Dec 2021 12:52:46 GMT
server
cloudflare
etag
"61c9b71e-6ae7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc4a8ff8-FRA
cf-bgj
imgq:100,h2pri
witcher-season-two-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/12/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/12/witcher-season-two-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3aa18d5764d310366b8dfa20ced37a00b61a776f1ace733cf21ad63dd848e87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=26510, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8591
last-modified
Fri, 17 Dec 2021 00:02:47 GMT
server
cloudflare
etag
"61bbd3a7-678e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc4b8ff8-FRA
cf-bgj
imgq:100,h2pri
the-shrink-next-door-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/11/the-shrink-next-door-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b9a3cbfbbd68ccd300e39fdd7dd48075591d83d02ebc0bb02d6eb6fbade5e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=22331, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9377
last-modified
Wed, 24 Nov 2021 21:13:52 GMT
server
cloudflare
etag
"619eab10-573b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc4e8ff8-FRA
cf-bgj
imgq:100,h2pri
Cowboy-Bebop-2-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/11/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/11/Cowboy-Bebop-2-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3512b656ffddeba0274cac35d1c9b867d3d35dff5073416cfa670c962ca8e0ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=12707, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12420
last-modified
Thu, 18 Nov 2021 23:41:33 GMT
server
cloudflare
etag
"6196e4ad-31a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc4f8ff8-FRA
cf-bgj
imgq:100,h2pri
doctor-brain-review-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/11/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/11/doctor-brain-review-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6cda1555fc224a9cb1026e350d5a5c47950f9d48eebfff889f8e9a1b5ffa0ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=19035, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7438
last-modified
Wed, 17 Nov 2021 18:24:49 GMT
server
cloudflare
etag
"619548f1-4a5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc518ff8-FRA
cf-bgj
imgq:100,h2pri
Dafoe-Spider-Man-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2021/07/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/07/Dafoe-Spider-Man-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5499c83c0095bbaf4f4b0a48afc5f3805b11df0ec0136e2a64daca5d4f87b15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=53219, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30719
last-modified
Mon, 12 Jul 2021 15:44:05 GMT
server
cloudflare
etag
"60ec6345-cfe3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc538ff8-FRA
cf-bgj
imgq:100,h2pri
Getty-Johnny-Knoxville-resized-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Getty-Johnny-Knoxville-resized-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb80ad3c4fc582851ca1e36d356a1b4d0f523a6651223c5846e32b3226a212d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=12855, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11933
last-modified
Sat, 29 Jan 2022 22:00:38 GMT
server
cloudflare
etag
"61f5b906-3237"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc558ff8-FRA
cf-bgj
imgq:100,h2pri
maus-2-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/maus-2-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32fbca293b53d31ba986ea99322894d33c675d97a1ced7bf98a52e77bd21b0f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=15212, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14665
last-modified
Sat, 29 Jan 2022 08:15:07 GMT
server
cloudflare
etag
"61f4f78b-3b6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc578ff8-FRA
cf-bgj
imgq:100,h2pri
iron-man-screenshot-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/12/iron-man-screenshot-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7556d4af8aa3b9449d17bbaa37847dddad5c8018efd29f241562c010307076e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=7676, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7443
last-modified
Thu, 30 Dec 2021 17:56:11 GMT
server
cloudflare
etag
"61cdf2bb-1dfc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc588ff8-FRA
cf-bgj
imgq:100,h2pri
julie-plec-kevin-williamson-dead-day-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/julie-plec-kevin-williamson-dead-day-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
962f7ad45a486add1b34cd01f38dc3027d3bf127817064becebaaf0b45fba676

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=21946, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8270
last-modified
Thu, 27 Jan 2022 18:00:53 GMT
server
cloudflare
etag
"61f2ddd5-55ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc5b8ff8-FRA
cf-bgj
imgq:100,h2pri
Spiderman-Thumb-3.png-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/12/Spiderman-Thumb-3.png-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f5ce3bd9f954122a5e017bbc4f28a36e2fcc3a22d2d04da316a366f55e3e7cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=9861, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9520
last-modified
Thu, 09 Dec 2021 21:09:08 GMT
server
cloudflare
etag
"61b27074-2685"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc5c8ff8-FRA
cf-bgj
imgq:100,h2pri
ComicsGallery_DC_20190619__SMYEAR1_01_300-001_HD_5d041f379cb461.68895765-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/06/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/06/ComicsGallery_DC_20190619__SMYEAR1_01_300-001_HD_5d041f379cb461.68895765-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
676e6403bb08590846ec14e2d39a692d5a1899bf610ca9ef85a43db914dc8000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=34516
content-disposition
inline; filename="ComicsGallery_DC_20190619__SMYEAR1_01_300-001_HD_5d041f379cb461.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21746
last-modified
Wed, 19 Jun 2019 16:50:59 GMT
server
cloudflare
etag
"5d0a67f3-86d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc5d8ff8-FRA
cf-bgj
imgq:100,h2pri
batman-banner-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/05/batman-banner-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c169df76bce2965c8937af0a40df533c98564c446b282abc59e82987cdfdb95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=19154
content-disposition
inline; filename="batman-banner-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Sat, 25 May 2019 20:21:12 GMT
server
cloudflare
etag
"5ce9a3b8-4ad2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc5f8ff8-FRA
cf-bgj
imgq:100,h2pri
detective-comics-1000-banner-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/03/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/03/detective-comics-1000-banner-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0d2508cf999f223d24f7e1f10429fbf81cca22055da0f0a9fac3505c68e62c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=36133
content-disposition
inline; filename="detective-comics-1000-banner-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24610
last-modified
Tue, 26 Mar 2019 01:56:55 GMT
server
cloudflare
etag
"5c9986e7-8d25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc608ff8-FRA
cf-bgj
imgq:100,h2pri
The-Return-of-Wolverine-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/09/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/09/The-Return-of-Wolverine-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31e2070366b499db4a7c279958feb6a3cc9022ffa2cbc25aa42f295fa31b6219

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=40629
content-disposition
inline; filename="The-Return-of-Wolverine-1-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26378
last-modified
Wed, 19 Sep 2018 13:20:17 GMT
server
cloudflare
etag
"5ba24d11-9eb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc628ff8-FRA
cf-bgj
imgq:100,h2pri
Amazing-Spider-Man-1-banner-textless-e1519938493557-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/07/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/07/Amazing-Spider-Man-1-banner-textless-e1519938493557-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7363fd822cbce9970c3e0d1cf6e91261aaec7d82f32dddfb589dd4a5081da2cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=37198
content-disposition
inline; filename="Amazing-Spider-Man-1-banner-textless-e1519938493557-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24826
last-modified
Wed, 11 Jul 2018 15:01:36 GMT
server
cloudflare
etag
"5b461bd0-914e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc638ff8-FRA
cf-bgj
imgq:100,h2pri
Captain-America-1-cover-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/07/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/07/Captain-America-1-cover-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a33a7428c34b67eb5cb61c7c25b5aac0334d6f4643c3a108324de49ff86f8407

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=31654
content-disposition
inline; filename="Captain-America-1-cover-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18234
last-modified
Wed, 04 Jul 2018 10:34:34 GMT
server
cloudflare
etag
"5b3ca2ba-7ba6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc668ff8-FRA
cf-bgj
imgq:100,h2pri
godfather-50th-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/godfather-50th-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebdc14b23fbb6b3ac00fc338250afcc480b42537917c0a7706e84a30e01aa9e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=33164, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32222
last-modified
Thu, 13 Jan 2022 16:45:27 GMT
server
cloudflare
etag
"61e05727-818c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc688ff8-FRA
cf-bgj
imgq:100,h2pri
lady-gaga-house-of-gucci-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/lady-gaga-house-of-gucci-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5119c3bf4eeafb96ff6d3d2ed98d6adb464a834c22e435fb2255948b16b1d964

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=10580, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10452
last-modified
Wed, 12 Jan 2022 23:31:32 GMT
server
cloudflare
etag
"61df64d4-2954"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc698ff8-FRA
cf-bgj
imgq:100,h2pri
Spiderman-Thumb-4.png-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2021/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/12/Spiderman-Thumb-4.png-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81de3d022372c7585957289df3e7b3c5aab73f0208876318a0f2e4c51499da96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=28744, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27594
last-modified
Wed, 15 Dec 2021 21:02:59 GMT
server
cloudflare
etag
"61ba5803-7048"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc6a8ff8-FRA
cf-bgj
imgq:100,h2pri
who-you-gonna-call-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2019/01/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/01/who-you-gonna-call-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c66ea455615b3b75729d2622ab3d98e7d7fc7e47a98af4767873bc48ff15153a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=33585
content-disposition
inline; filename="who-you-gonna-call-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22922
last-modified
Wed, 16 Jan 2019 15:48:10 GMT
server
cloudflare
etag
"5c3f523a-8331"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc6c8ff8-FRA
cf-bgj
imgq:100,h2pri
Venom-Let-There-Be-Carnage-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/09/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/09/Venom-Let-There-Be-Carnage-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e022f878642a64d4118c3dd87040bfa69b6061f03ae5b413a0474e9dedc38e41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=12548, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12144
last-modified
Wed, 15 Sep 2021 21:47:05 GMT
server
cloudflare
etag
"614269d9-3104"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204dcc6f8ff8-FRA
cf-bgj
imgq:100,h2pri
Batman-Thumb-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/11/Batman-Thumb-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3912cdb48b4025ef2dead764c55b64e2e6c64c5c2e678407c9f091578fb10330

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=8339, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8279
last-modified
Wed, 17 Nov 2021 20:59:20 GMT
server
cloudflare
etag
"61956d28-2093"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e0c708ff8-FRA
cf-bgj
imgq:100,h2pri
batman-beyond-header-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/07/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/07/batman-beyond-header-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f98c2ddb1e87658e321407ee62de37aef765555e0704a14e969dddd92d3537f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=27843
content-disposition
inline; filename="batman-beyond-header-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15056
last-modified
Fri, 26 Jul 2019 22:25:10 GMT
server
cloudflare
etag
"5d3b7dc6-6cc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e0c718ff8-FRA
cf-bgj
imgq:100,h2pri
Wonder-Woman-Bloodlines-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/10/Wonder-Woman-Bloodlines-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c98f0b403cf0113301ac3b16bb00610053a877379f6fc4d8350db87974c395e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=24841
content-disposition
inline; filename="Wonder-Woman-Bloodlines-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14046
last-modified
Sun, 13 Oct 2019 21:49:04 GMT
server
cloudflare
etag
"5da39bd0-6109"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e0c738ff8-FRA
cf-bgj
imgq:100,h2pri
supernatural-season-14-photos-125-e1567958111388-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/09/supernatural-season-14-photos-125-e1567958111388-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2e39b87923eca28344a90203e9db7aa7c85c095852667c9639825ca9351abb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=25836
content-disposition
inline; filename="supernatural-season-14-photos-125-e1567958111388-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16032
last-modified
Sun, 08 Sep 2019 15:55:16 GMT
server
cloudflare
etag
"5d752464-64ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e0c748ff8-FRA
cf-bgj
imgq:100,h2pri
flash-season-5-banner-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/10/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/10/flash-season-5-banner-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
353edca7c518cbd38e7e6f889e7c4db8a15d235f18754aa217d149c911f1f5ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=32283
content-disposition
inline; filename="flash-season-5-banner-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19890
last-modified
Sat, 06 Oct 2018 20:00:06 GMT
server
cloudflare
etag
"5bb91446-7e1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e0c768ff8-FRA
cf-bgj
imgq:100,h2pri
Untitled-9-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/08/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/08/Untitled-9-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a9714a5dca7839f2be60d5b669471d6f9a218143591abfee04c3450d2e391dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=28605
content-disposition
inline; filename="Untitled-9-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19074
last-modified
Wed, 21 Aug 2019 01:17:45 GMT
server
cloudflare
etag
"5d5c9bb9-6fbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e0c778ff8-FRA
cf-bgj
imgq:100,h2pri
GalleryTalent_1900x900_JimLee_HUSH_5b50e10f688065.08491752-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/07/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/07/GalleryTalent_1900x900_JimLee_HUSH_5b50e10f688065.08491752-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a82e10cb46c0b0fa8fb9811ba0115d2f197d714fd3b7c8831b8aa7c56101135

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origFmt=jpeg, origSize=30880
content-disposition
inline; filename="GalleryTalent_1900x900_JimLee_HUSH_5b50e10f688065.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20742
last-modified
Sat, 21 Jul 2018 14:03:28 GMT
server
cloudflare
etag
"5b533d30-78a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e0c788ff8-FRA
cf-bgj
imgq:100,h2pri
ajax-loader.gif
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/ajax-loader.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9003eb7e3040cdb9591230348da3f8342778da4f6ba8b2ce9deafa8970caba4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2037
cf-polished
origSize=1737, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1669
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
etag
"60ed1d0e-6c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e0c7c8ff8-FRA
cf-bgj
imgq:100,h2pri
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?ver=5.8.3
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
19b2765901525d7caf08438303985a63e6953e049b7c9c68e6621418e15455c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
FnoijcqsKQVVQkpQxldyYQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 31 Jan 2022 04:36:43 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
O3suM47/DG1GjjUBm8P+L+wkfLI7Q7qxzxECeJrK3nwqOm+AE+TwhT2yAe8k+xIVGiR+DGh7isXcEtAtLjRT2w==
x-fb-trip-id
686109401
x-fb-content-md5
860c160b4d4727ffce9d14e3863cd28f
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 31 Jan 2022 04:16:43 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"775e59dc1213930daa0b10345cc87c2e"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
popup.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/popup.js?v=2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eff9682459cdf09edbdc26d40a2ebe4ebe9a89398676952d0b06c1630452789

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2291
etag
W/"60ed1d0e-18c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=6341
cf-ray
6d60204dbbff8ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.cookie.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/ 		1 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/jquery.cookie.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f05412b273a3c32bf550bf721db6302d8c8c8692d25b847f278ef67693195d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2291
etag
W/"60ed1d0e-72e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=1838
cf-ray
6d60204dbc018ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.tweet.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/jquery.tweet.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f23b706c2051cd14bbfdc75b158a623e575846b2a34cf308709793fb72f5e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2291
etag
W/"60ed1d0e-3837"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=14391
cf-ray
6d60204dbc038ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.localscroll.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/ 		1 KB
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/jquery.localscroll.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c0a69d6de03571afb770c25f2216665c272ff731e3699ca3a2caf80d730f93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2291
etag
W/"60ed1d0e-610"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=1552
cf-ray
6d60204dcc058ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.bxslider.css
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/bxslider4.2.5/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/bxslider4.2.5/jquery.bxslider.css
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7952a34f886e3cef6c4522009e3abebb3b7f8254955848f6ef064a915fa9ed23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2798
etag
W/"60ed1d0e-1006"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=4102
cf-ray
6d60204dcc068ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
search.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/ 		554 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/search.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
507c27740d49f6b21e854adb09f4f2b4e482ce1e2d043e3d71d25a652543465d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2798
etag
W/"60ed1d0e-2d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=720
cf-ray
6d60204dcc078ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.bxslider.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/bxslider4.2.5/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/bxslider4.2.5/jquery.bxslider.js?=4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51308cfc2cee270e6819ae124d2eb4eec815637c9ac20f0b4a44b20ff0c41689

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 18:48:45 GMT
server
cloudflare
age
2798
etag
W/"61c4c48d-100bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=65727
cf-ray
6d60204dcc088ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
lazyload.min.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/lazyload/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/lazyload/lazyload.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
3750
etag
W/"60ed1d0e-d35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6d60204dcc098ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.jcarousel-core.min.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/jquery.jcarousel-core.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2843
etag
W/"60ed1d0e-4435"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6d60204dcc0a8ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.viewport.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/ 		1 KB
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/jquery/jquery.viewport.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51fffe2be6f1a72b6d297c12af42ddea28f64b60d1d75a7fe774114dd6942a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2291
etag
W/"60ed1d0e-4b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6d60204dcc0d8ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
amp-form-0.1.js
cdn.ampproject.org/v0/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaf31e07efb5e2d3d422ec46e533bc72be0827e6205b72af0204f488b470bec8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15332
x-xss-protection
0
server
sffe
date
Mon, 31 Jan 2022 04:16:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"92cc193517a9ee4d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 31 Jan 2022 04:16:43 GMT
face3.js
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/js/face3.js?v=4.90
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d709873b2dd3058fdb02f9325eb522bd13420e9aa57fa9d1c99723ce6947e517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2291
etag
W/"60ed1d0e-138e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=5006
cf-ray
6d60204dcc0e8ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
selectivizr-min.js
cdnjs.cloudflare.com/ajax/libs/selectivizr/1.0.2/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/selectivizr/1.0.2/selectivizr-min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
498868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2152
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-12e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZRmgwDgZA4MQTqqZE0Nun5eMZa1kT8RlSwQTvTPBYmhORhFq7Mlhx%2FTQpeZsUBtcTWL%2FjS%2FifzC6qydJuVroSufA6JkZkzOubAg5V52IZzccDWtuEYdJ6ehgit4LSDqqrkdr%2BDsFFjy8GFkfaTdDn11"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d60204dec11929c-FRA
expires
Sat, 21 Jan 2023 04:16:43 GMT
modernizr-1.7.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/1.7/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/1.7/modernizr-1.7.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
498859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3215
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-233d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S348ryNAG3uezxE9LrG2vLtyIS3Apz2juGdG4AZbPxr1tPn5J5YI2yg71hfUUQB%2FMSM0Cm80sYQff%2FLzsACWgxoVzS6SKQR2AqccPOsJ7KWuZZE33vwZpu0w%2FdGPe%2F0IerYyUR7CJqQzzZY%2F6laStHvC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d60204dec12929c-FRA
expires
Sat, 21 Jan 2023 04:16:43 GMT
114526X1684673.skimlinks.js
s.skimresources.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/114526X1684673.skimlinks.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be47358b1a306df59474d60448124d67568362be0da52e80f3837aa10f8ce47f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
last-modified
Wed, 12 Jan 2022 13:40:35 GMT
server
AmazonS3
x-amz-request-id
ZCJVE2YGFW77WZAJ
etag
"b5e7f77174d4a42b53d41dbc10cf6ab3"
x-hw
1643602603.cds010.am5.hn,1643602603.cds224.am5.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
18775
x-amz-id-2
nwnIhCTdJFqFrDi4hIdX6OTcN9RyqVkobdpP1SyoEACHfPje1mkvG6mtZl2igBIU2N1IUZLTnFk=
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d60204e39ce5b32-FRA
main-sprite.svg
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/main-sprite.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/style.css?ver=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63e5cadd935b4e0f99d4e3813d01b5c71f7348fa8ada43d7e46ac9caa57939a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/style.css?ver=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2036
etag
W/"60ed1d0e-1e33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6d60204e0c7e8ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
wegotthiscovered.com/fonts.gstatic.com/s/oswald/v40/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c76479768857b5db034bf4673213a475a39fa49b80aa09b21d024291dac1253

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 00:16:59 GMT
server
cloudflare
age
505374
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6d60204e0c818ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24104
expires
Thu, 12 Jan 2023 16:18:01 GMT
wgtc.woff2
wegotthiscovered.com/wp-content/themes/wgtc_v2/font/icons/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wgtc_v2/font/icons/wgtc.woff2?15410951
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c57c4d05d08dad65bc6935b48f240ba3b7a31897805b4def998917a8dcb6ad7

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jul 2021 07:55:59 GMT
server
cloudflare
age
1865
etag
"60dec68f-10d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e0c828ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4304
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v15/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
last-modified
Thu, 10 Sep 2020 17:02:50 GMT
server
cloudflare
age
505374
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6d60204e0c868ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14872
expires
Mon, 23 Jan 2023 19:00:27 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v15/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
cloudflare
age
505537
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=2592000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
6d60204e0c8a8ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16256
GettyImages-1350734854.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/GettyImages-1350734854.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f14bbac9d758a951d5b9568e4fbdedf930a947c23a8040febd105d68b7d927e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
6175
cf-polished
origSize=235623, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
203579
last-modified
Sun, 30 Jan 2022 08:40:36 GMT
server
cloudflare
etag
"61f64f04-39867"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e2c998ff8-FRA
cf-bgj
imgq:100,h2pri
image1-74-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2021/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/10/image1-74-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57043d78f8cf5526b5a55e16d57f740ad4ea862ca2f597906019160b9c40e911

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2036
cf-polished
origSize=11494, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11156
last-modified
Thu, 21 Oct 2021 06:05:42 GMT
server
cloudflare
etag
"61710336-2ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e2c9b8ff8-FRA
cf-bgj
imgq:100,h2pri
To86FKWSF5LUuKoam63Hk3-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/To86FKWSF5LUuKoam63Hk3-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
661abd0d64a9b9e2aae3d1ffaef4c2ba19f82ec5149d783ce4da4edd6bc17813

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2036
cf-polished
origSize=28575, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10989
last-modified
Sun, 30 Jan 2022 08:19:24 GMT
server
cloudflare
etag
"61f64a0c-6f9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e2c9f8ff8-FRA
cf-bgj
imgq:100,h2pri
picard-202-tp-4351-rt-1-e1643497868203-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/picard-202-tp-4351-rt-1-e1643497868203-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec0c534276734038633f26e02e18a9517ffe8a3d73f7bec41e44c31848af549

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2036
cf-polished
origSize=10350, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10308
last-modified
Sat, 29 Jan 2022 23:11:09 GMT
server
cloudflare
etag
"61f5c98d-286e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e2ca38ff8-FRA
cf-bgj
imgq:100,h2pri
GettyImages-1176945851-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/GettyImages-1176945851-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4bd9ef2e8f81379e29602da18a83097a149c396b0d13e87217e2692613ba7a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2036
cf-polished
origSize=27089, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13356
last-modified
Sun, 30 Jan 2022 09:29:43 GMT
server
cloudflare
etag
"61f65a87-69d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e2ca78ff8-FRA
cf-bgj
imgq:100,h2pri
image-27-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2021/09/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/09/image-27-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b11c2d7fe116f71f28c56ae965e0ab4fc036380604a76d024366138576e3cecb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2036
cf-polished
origSize=23787, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22948
last-modified
Sat, 11 Sep 2021 04:37:27 GMT
server
cloudflare
etag
"613c3287-5ceb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e2cac8ff8-FRA
cf-bgj
imgq:100,h2pri
Skyrim_races1-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/Skyrim_races1-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
755bf48c476bdef2c99e2704005a0093fb304cb001ce23cbedc55439b91b6719

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2036
cf-polished
origSize=19213, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18703
last-modified
Fri, 28 Jan 2022 18:51:47 GMT
server
cloudflare
etag
"61f43b43-4b0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204e2cae8ff8-FRA
cf-bgj
imgq:100,h2pri
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035334&ns__t=1643602603232&ns_c=UTF-8&cv=3.5&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20G...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035334&ns__t=1643602603232&ns_c=UTF-8&cv=3.5&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20...
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035334&ns__t=1643602603232&ns_c=UTF-8&cv=3.5&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c9=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.225.80.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-90.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
h7cAZqfRnoZj9InAeaYjiXgrAy0p3JngtoafSKBkRw8CuaQlZmgR5w==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035334&ns__t=1643602603232&ns_c=UTF-8&cv=3.5&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c9=
content-length
284
x-amz-cf-id
YJfeEnuF9AdkH7hKAHoFjQOqyaPUB3_GpE1Z2-TVLzEoaautgLIMWQ==
1.91.0-google-sra-timeout-2.js
global.proper.io/payloads/ 		414 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/wegotthiscovered.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7300fe0ead66e0e8d4d1d91136ef7fb6aa157b614e1f9293f807dcca5e837ee2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Nov 2021 18:22:40 GMT
server
cloudflare
age
597148
etag
W/"61896af0-676dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6d60204e39856993-FRA
expires
Mon, 31 Jan 2022 04:21:43 GMT
226866098399083
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/226866098399083?v=2.9.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9896789a730bbb8d056a1b50c6ff07da76264464257d811234637f35dca051c6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88980
x-xss-protection
0
pragma
public
x-fb-debug
0n+8YNSieQab66SWoL7QSVXBEjsY8sXV+aHe4R0xZ1V3jI59f20jX5ZrXM5QlLF46VzxINFY3Qr8y5PPhJSTvQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 31 Jan 2022 04:16:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
liveView.php
live.primis.tech/live/ Frame 2DF9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108034&playerApiId=primisPlayer&cbuster=1643602603&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
fce57176c3fc529904284c4bca3e583b9409219fcf863e9891f32659aaa378dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:42 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
video-cat.svg
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/ 		911 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/video-cat.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/style.css?ver=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67caa0cc0d6a05abbbf89a054bd76852d080a5168ba02cc7d9e9a0e75afde05d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/style.css?ver=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2035
etag
W/"60ed1d0e-38f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6d60204e5cc28ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1137195-featured-320x165.jpg
wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/1137195-featured-320x165.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e96d2f779f33260944376e53b6c7f8d6e4fd6527850595f0c7fc9ef72a306ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
1512
cf-polished
origSize=10782, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10583
last-modified
Mon, 24 Jan 2022 22:57:50 GMT
server
cloudflare
etag
"61ef2eee-2a1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204eed248ff8-FRA
cf-bgj
imgq:100,h2pri
1140807-featured-320x165.jpg
wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/1140807-featured-320x165.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f0fea18b0934e70b8e4a952a8266eef806b22679cb6537c006b1bef734aef4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
6083
cf-polished
origSize=21337, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9030
last-modified
Sun, 30 Jan 2022 05:05:38 GMT
server
cloudflare
etag
"61f61ca2-5359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204eed258ff8-FRA
cf-bgj
imgq:100,h2pri
1138392-featured-320x165.jpeg
wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/1138392-featured-320x165.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5082b2b8ffc1cdcf842772a52381784567db8aa9c9ef1454f699135cfc7a7689

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
4610
cf-polished
origSize=9554, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9464
last-modified
Sun, 30 Jan 2022 05:05:38 GMT
server
cloudflare
etag
"61f61ca2-2552"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204eed278ff8-FRA
cf-bgj
imgq:100,h2pri
atrk.gif
certify.alexametrics.com/ 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&time=1643602603380&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwegotthiscovered.com%2F&random_number=19893221993&sess_cookie=a95e5de117eae596d74c0f89357&sess_cookie_flag=1&user_cookie=a95e5de117eae596d74c0f89357&user_cookie_flag=1&dynamic=true&domain=wegotthiscovered.com&account=FMu/w1hNdI20fn&jsv=20130128&user_lang=en-US
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 04:13:28 GMT
Via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
196
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
DUS51-P2
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
5jqXtaAS0CCDbLAotI3j3vhN7Gs0jTzb26pFTsn6Px-P7jCTUp4Hmg==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.60.34 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-217-60-34.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
server
Server
all.js
connect.facebook.net/en_US/ 		285 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=f798026f78df06d3e43e33785b9750ae
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?ver=5.8.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f1fc528926e95c19b118679b383b6bbde887936ea0f27f67c037049bb26bf498
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xf/VPNZpyqrSnt2E2JUn7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 31 Jan 2023 03:07:27 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82070
x-fb-rlafr
0
x-fb-debug
XjHowLq7vdDyGUxfJ9hANeloVYF3rVpEdffwFV0FBgbBhKChHbEY2ox6nxVUNOOA5VZEpK1iLB34MucFBOAW0Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e44f87dae1ffe146e86b0c014284c54c
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 04:16:43 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"11a5cbd289f51580d1bdf462ecafaeb0"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
/
r.skimresources.com/api/ 		150 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684673.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
48bd0e42f707c2ce131de014bf337a3d41b15440520ab32876f7f68b0583572e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame 4C49 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5835370752829601
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=3.2098681940233247
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=3.2098681940233247
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 2DF9 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&playerApiId=primisPlayer&cbuster=1643602603&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 31 Jan 2023 04:16:43 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 2DF9 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&playerApiId=primisPlayer&cbuster=1643602603&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:42 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 31 Jan 2023 04:16:42 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 2DF9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&playerApiId=primisPlayer&cbuster=1643602603&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 31 Jan 2023 04:16:43 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 2DF9 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&playerApiId=primisPlayer&cbuster=1643602603&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:42 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 31 Jan 2023 04:16:42 GMT
prebidVid.5.18.0_8.min.js
live.primis.tech/content/prebid/ Frame 2DF9 		478 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&playerApiId=primisPlayer&cbuster=1643602603&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5fb143acb6c2530794155476810cebbd511a5b51399ae7ed92f77e6bf7d2cf55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
last-modified
Thu, 20 Jan 2022 13:46:33 GMT
server
nginx
etag
W/"61e967b9-777e2"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 31 Jan 2023 04:16:43 GMT
liveVideo.php
live.primis.tech/live/ Frame 2DF9 		544 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&playerApiId=primisPlayer&cbuster=1643602603&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
12cb781ca6a1d562d34e4f7ff12047131a46c638db59b7541fedb1c1a70c9495

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:42 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
ajax-loader-2.gif
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/ 		613 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/ajax-loader-2.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/style.css?ver=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9e8ae4b52da14c2647bcd0d9697ccb862c5e8cf6f617bbecb1153beb33e950

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/style.css?ver=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
cf-cache-status
HIT
age
2034
cf-polished
origSize=673, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
613
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
etag
"60ed1d0e-2a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d60204fad9b8ff8-FRA
cf-bgj
imgq:100,h2pri
carousel-ctrls.svg
wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/ 		750 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/img/carousel-ctrls.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/style.css?ver=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cbfa45685b4ad91c14f3256742155082ef47dc59fb6838faff5329877c5ad9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/wp-content/themes/wegotthiscovered-wordpress-theme/style.css?ver=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jul 2021 04:56:46 GMT
server
cloudflare
age
2033
etag
W/"60ed1d0e-2ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6d60204fada68ff8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 07 Feb 2022 04:16:43 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=226866098399083&ev=PageView&dl=https%3A%2F%2Fwegotthiscovered.com%2F&rl=&if=false&ts=1643602603559&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643602603557.718828742&it=1643602603240&coo=false&exp=p0&rqm=GET
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 31 Jan 2022 04:16:43 GMT
tp2
spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://wegotthiscovered.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
x-cloud-trace-context
5928eedc72c0c7b0dfdc1ca3c865e785
date
Mon, 31 Jan 2022 04:16:43 GMT
content-type
text/html
server
Google Frontend
content-length
0
via
1.1 google
alt-svc
clear
tp2
spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/ 		2 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/plow.lite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://wegotthiscovered.com
x-cloud-trace-context
8cbdf5868a5247f9904e36acba4d20cd
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
acv.json
superficialeyes.com/ 		210 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/acv.json
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Tue, 25 Jan 2022 18:07:59 GMT
x-datacenter
gce-europe-west1
date
Mon, 31 Jan 2022 04:16:43 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-c63t
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
age
15336129
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
3iTVXsdjFZ-VKSvMDIHpYrAxuwRSGFqZmNC735egwNqKaoUzY_lgHg==
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/ 		283 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f4fdf9f78a6678207ffa7eabc4f2a2eac3cd756b3aa69c6ad75b4dc81ce1d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104322
x-xss-protection
0
server
cafe
etag
107536255599717519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 04:16:43 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame C7F4 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Sun, 30 Jan 2022 15:52:32 GMT
expires
Sun, 13 Feb 2022 15:52:32 GMT
cache-control
public, max-age=1209600
age
44651
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2509
date
Mon, 31 Jan 2022 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 31 Jan 2022 05:34:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
c987618d391c9f3e81850a874a05a8a766d1a583dbbe3d222174ca491b2df3af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27099
x-xss-protection
0
server
sffe
etag
"1118 / 137 of 1000 / last-modified: 1643411190"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 04:16:43 GMT
merge
ce.lijit.com/ 		0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=263069&3pid=9b9bc193-1923-4c21-97db-f1da9d94784e&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3D9b9bc193-1923-4c21-97db-f1da9d94784e%26uid%3D%5BSOVRNID%5D&gdpr=false&us_privacy=1---&callback=window.proper_c90956e0_01ce093f_1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:43 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D9b9bc193-1923-4c21-97db-f1da9d94784e%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_pri...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D9b9bc193-1923-4c21-97db-f1da9d94784e%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=9b9bc193-1923-4c21-97db-f1da9d94784e&uid=98feba6e-fa9a-4b43-8ef1-a31684266eb6
183 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=9b9bc193-1923-4c21-97db-f1da9d94784e&uid=98feba6e-fa9a-4b43-8ef1-a31684266eb6
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
35.164.52.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-52-163.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8d640e6b6737bda6046e35303e215fea6cacb71cd0e7f835368125f5bc39f15f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jan 2022 04:16:44 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=9b9bc193-1923-4c21-97db-f1da9d94784e&uid=98feba6e-fa9a-4b43-8ef1-a31684266eb6
Date
Mon, 31 Jan 2022 04:16:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4d4deff9_632f52a1_3
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4d4deff9_632f52a1_3&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZdOZOVFE2uEIKL7XQmQnmb3xZMP34Ohl~A
151 B
363 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZdOZOVFE2uEIKL7XQmQnmb3xZMP34Ohl~A
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
35.164.52.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-52-163.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b1387edfc1a4b95062ab9021e064eb6244f3888cc60afaf51bcde1a58d5a49a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jan 2022 04:16:44 GMT
server
nginx/1.18.0
content-length
151
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZdOZOVFE2uEIKL7XQmQnmb3xZMP34Ohl~A
date
Mon, 31 Jan 2022 04:16:43 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
445.json
id5-sync.com/g/v2/ 		213 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.10 , France, ASN16276 (OVH, FR),
Reverse DNS
p31.id5-sync.com
Software
/
Resource Hash
60a277fe84d5a860a3a23d46a61fc6521bc83717fe00bd726a90a6bf73d4418d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://wegotthiscovered.com
Date
Mon, 31 Jan 2022 04:16:43 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.sharedid.org/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.145.70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-145-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
envelope
api.rlcdn.com/api/identity/ 		44 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=72
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.168.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-168-153.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 31 Jan 2022 04:16:44 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
page
t.skimresources.com/api/v2/ 		22 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684673.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:c400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 03:29:56 GMT
content-encoding
gzip
age
2825
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 03 Nov 2021 22:03:49 GMT
server
AmazonS3
etag
W/"ebff52074a206856b4f1993710373d93"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Z-phaxsk4UNaxQQ2gD3Qr-Yn7iCqulkj-5zMVm8J3R6gLPO-HDxhwA==
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2DF9 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
462
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1H6DVAA67DM3MCP7YMH7
date
Mon, 31 Jan 2022 04:09:34 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Q5e0byXIuHU1QkzGrWxpGUId_5fVNYB_fXy79L1HqLflhqlpgtqgAg==
css
fonts.googleapis.com/ Frame C252 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 02:22:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 04:16:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jan 2022 04:16:43 GMT
css
fonts.googleapis.com/ 		1 KB
501 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Assistant&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
137231356bfa88b77d4b0fa5bcff25a7ee47b571d6c5d907be4c20c1762114ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 02:59:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 04:16:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jan 2022 04:16:43 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AE30 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=60145
expires
Mon, 31 Jan 2022 20:59:08 GMT
date
Mon, 31 Jan 2022 04:16:43 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 2300
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=94&advUuid=9920e64d-824c-11ec-8163-14bc9e680406
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=94&advUuid=9920e64d-824c-11ec-8163-14bc9e680406
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 04:16:43 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=94&advUuid=9920e64d-824c-11ec-8163-14bc9e680406
X-fe
42
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame 925E 		43 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Mon, 31 Jan 2022 04:16:43 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame 3C46 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a6b7528807c7a8ce7de177d0d17de8f904f6f8e40a716cf10ffb91b87e2ae7f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/

Response headers

Server
VertaMedia 1.0
Date
Mon, 31 Jan 2022 04:16:42 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
905
Access-Control-Allow-Origin
https://wegotthiscovered.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 2DF9 		48 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwUyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwUjMmpyMxZ2nWRyo181YwQmNWU3NGI4ZTMkNwYjNDAkMTU0JTJGqzyxNwFzNDU4MDRxZTI5Mwt3Mmx3MDp2Mv5gpDQzqzyxX2NioaRyoaRsnWQ9MwA1Nmx3MlZ2nWRsY29hqGVhqF9xZXNwPU1BTxRBTE9SSUFOK1NyYXNiovfmJTNBK0ymK3RbZSgCo29eK29zK0JiYzEeRzV0qCgTZXR0nW5aK1VjK2FhK0FWRU5HRVJTJTNBK0VOREqBTUUgTGV2ZWjeRXZyoaQyM0YeUxVBQ1RJT04zqzyxX2NioaRyoaRsqGy0oGU9TUFOREFMT1JJQU4eU2Vup29hKmMyM0EeSXMeqGuyK0Jio2feo2YeQz9vYSgGZXR0K1NyqHRcozpeVXAeYW4eQVZFTxqFUyMyM0EeRU5ER0FNRS1MZXZyoCgFqzVhqCUmRvgSRUFDVEyPTvZ2nWRsY29hqGVhqF9xqXJuqGyiow0kNmAjJzRyYaVaSW5zo3JgYXRco249Jat9NwAjJax9NDAjJaB1YyVloD1bqHRjplUmQSUlRvUlRaqyZ290qGucp2NiqzVlZWQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmElRDMmMmE1RwMjMmY3RDqCNmMmMTM2MmYmNTM0MmQmMwM4N0Q3QwQmMmUmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTAhMTA0OSZaZW9Mo25aPTthNwI5NSZ1p2VlSXBBZGRlPTE4NS4lMTMhMTU1LwE2OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTphMC40NwxlLwpkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYkZwp2MzFvM2ZuMzMzY2J1p3Rypw0kNwQmNwAlNwAmODAkJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
90f9f9aefce9207a3e9dbb3930ba4afe97f1738fcb84b7ead91e7df7c232fb7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6240
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0MmYjMwYjMlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MDM0JaN0YT0jJat9NwAjJax9NDAjJaZcZF9jYXNmRG9gYWyhPXqyZ290qGucp2NiqzVlZWQhY29gJaN1YxyxPXqyZ290qGucp2NiqzVlZWQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMTJEMmMmMTVGMmAmNwqEN0I3MmMkMmYmNwM1MmQmNDMlMmt3RDqCNDMmNTM3N0Q3QwUmNwQmMwU2NxU2MwMmNTImMDYkNDp2QmqBNTxmMwM5MmI1QTU4NEE2QmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmQmMDMjN0Q3QwY2MmE3RDqCNEMmMTMkMmAmMmM0N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTE4NS4lMTMhMTU1LwE2OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nl4jLwQ2OTIhNmEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkZwp2MzFvM2ZuMzMzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY0MmYjMwYjMmp5NCZ1nWQ9U2VenW5xo1NQoGF5ZXI2MWY3NwJuYwqxZWFyJaB1YyVloD1bqHRjplUmQSUlRvUlRaqyZ290qGucp2NiqzVlZWQhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 2DF9 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 2DF9
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=93&advUuid=b6a95ae7-c7e2-4756-8d5b-66841e67ee12
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=93&advUuid=b6a95ae7-c7e2-4756-8d5b-66841e67ee12
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=93&advUuid=b6a95ae7-c7e2-4756-8d5b-66841e67ee12
date
Mon, 31 Jan 2022 04:16:43 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 2DF9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=99&advUuid=YfdiqxOUss2MGpDOxESJyAAABHMAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=99&advUuid=YfdiqxOUss2MGpDOxESJyAAABHMAAAAB
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=99&advUuid=YfdiqxOUss2MGpDOxESJyAAABHMAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Mon, 31 Jan 2022 04:16:43 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 2DF9
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D2332745991239...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2332745991239148496250
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2332745991239148496250
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.225.80.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-81.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2332745991239148496250
cache-control
no-store
content-type
text/html; charset=utf-8
sync.php
pixel.rubiconproject.com/exchange/ Frame 2DF9 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 2DF9
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61f762ab3fa2c%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=105&advUuid=1404262804935752776
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=105&advUuid=1404262804935752776
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:43 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
425d91f4-5050-41ad-bc89-ca8816fa0da7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f762ab3fa2c&pixel=&advId=105&advUuid=1404262804935752776
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid61f45804de292873970762.jpg
video.primis.tech/uploads/cn25/video/users/converted/25037/video_5b435e74b8e31660401154/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn25/video/users/converted/25037/video_5b435e74b8e31660401154/vid61f45804de292873970762.jpg?cbuster=1643407316
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
6c5277c17a1e9876fc139a9f3a50bfb5320b5583f802a7ca7c9609244af57ce8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jan 2022 22:07:14 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"4efc452149bc8b63de2a991390a08ec2"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 14 Feb 2022 04:16:43 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
22237
x-amz-cf-id
230YvLul6b4IOFyPJ1YZ0wKL_326rDi3SkT_kNG2dEYLnkCWEYMxGA==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ Frame 2DF9 		48 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwUyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwUjMmpyMxZ2nWRyo181YwQmNWU3NGI4ZTMkNwYjNDAkMTU0JTJGqzyxNwFzNDU4MDRxZTI5Mwt3Mmx3MDp2Mv5gpDQzqzyxX2NioaRyoaRsnWQ9MwA1Nmx3MlZ2nWRsY29hqGVhqF9xZXNwPU1BTxRBTE9SSUFOK1NyYXNiovfmJTNBK0ymK3RbZSgCo29eK29zK0JiYzEeRzV0qCgTZXR0nW5aK1VjK2FhK0FWRU5HRVJTJTNBK0VOREqBTUUgTGV2ZWjeRXZyoaQyM0YeUxVBQ1RJT04zqzyxX2NioaRyoaRsqGy0oGU9TUFOREFMT1JJQU4eU2Vup29hKmMyM0EeSXMeqGuyK0Jio2feo2YeQz9vYSgGZXR0K1NyqHRcozpeVXAeYW4eQVZFTxqFUyMyM0EeRU5ER0FNRS1MZXZyoCgFqzVhqCUmRvgSRUFDVEyPTvZ2nWRsY29hqGVhqF9xqXJuqGyiow0kNmAjJzRyYaVaSW5zo3JgYXRco249Jat9Nmp3Jax9NDM3JaB1YyVloD1bqHRjplUmQSUlRvUlRaqyZ290qGucp2NiqzVlZWQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmElRDMmMmE1RwMjMmY3RDqCNmMmMTM2MmYmNTM0MmQmMwM4N0Q3QwQmMmUmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTAhMTA0OSZaZW9Mo25aPTthNwI5NSZ1p2VlSXBBZGRlPTE4NS4lMTMhMTU1LwE2OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTphMC40NwxlLwpkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYkZwp2MzFvM2ZuMzMzY2J1p3Rypw0kNwQmNwAlNwAmODIlJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
f2913c658584e6b3d551f601541dbc179c2429053006e5dd9d68821ca158814d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6356
liveView.php
live.primis.tech/live/ Frame 2DF9 		48 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwUyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwUjMmpyMxZ2nWRyo181YwQmNWU3NGI4ZTMkNwYjNDAkMTU0JTJGqzyxNwFzNDU4MDRxZTI5Mwt3Mmx3MDp2Mv5gpDQzqzyxX2NioaRyoaRsnWQ9MwA1Nmx3MlZ2nWRsY29hqGVhqF9xZXNwPU1BTxRBTE9SSUFOK1NyYXNiovfmJTNBK0ymK3RbZSgCo29eK29zK0JiYzEeRzV0qCgTZXR0nW5aK1VjK2FhK0FWRU5HRVJTJTNBK0VOREqBTUUgTGV2ZWjeRXZyoaQyM0YeUxVBQ1RJT04zqzyxX2NioaRyoaRsqGy0oGU9TUFOREFMT1JJQU4eU2Vup29hKmMyM0EeSXMeqGuyK0Jio2feo2YeQz9vYSgGZXR0K1NyqHRcozpeVXAeYW4eQVZFTxqFUyMyM0EeRU5ER0FNRS1MZXZyoCgFqzVhqCUmRvgSRUFDVEyPTvZ2nWRsY29hqGVhqF9xqXJuqGyiow0kNmAjJzRyYaVaSW5zo3JgYXRco249Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaqyZ290qGucp2NiqzVlZWQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmElRDMmMmE1RwMjMmY3RDqCNmMmMTM2MmYmNTM0MmQmMwM4N0Q3QwQmMmUmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTAhMTA0OSZaZW9Mo25aPTthNwI5NSZ1p2VlSXBBZGRlPTE4NS4lMTMhMTU1LwE2OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTphMC40NwxlLwpkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYkZwp2MzFvM2ZuMzMzY2J1p3Rypw0kNwQmNwAlNwAmODImJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e74eff346730ca76477c6ced890e0c4b15922551b615e72a05ecbc06623d4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6357
liveView.php
live.primis.tech/live/ Frame 2DF9 		41 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwUyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwUjMmpyMxZ2nWRyo181YwQmNWU3NGI4ZTMkNwYjNDAkMTU0JTJGqzyxNwFzNDU4MDRxZTI5Mwt3Mmx3MDp2Mv5gpDQzqzyxX2NioaRyoaRsnWQ9MwA1Nmx3MlZ2nWRsY29hqGVhqF9xZXNwPU1BTxRBTE9SSUFOK1NyYXNiovfmJTNBK0ymK3RbZSgCo29eK29zK0JiYzEeRzV0qCgTZXR0nW5aK1VjK2FhK0FWRU5HRVJTJTNBK0VOREqBTUUgTGV2ZWjeRXZyoaQyM0YeUxVBQ1RJT04zqzyxX2NioaRyoaRsqGy0oGU9TUFOREFMT1JJQU4eU2Vup29hKmMyM0EeSXMeqGuyK0Jio2feo2YeQz9vYSgGZXR0K1NyqHRcozpeVXAeYW4eQVZFTxqFUyMyM0EeRU5ER0FNRS1MZXZyoCgFqzVhqCUmRvgSRUFDVEyPTvZ2nWRsY29hqGVhqF9xqXJuqGyiow0kNmAjJzRyYaVaSW5zo3JgYXRco249Jat9Nmp3Jax9NDM3JaB1YyVloD1bqHRjplUmQSUlRvUlRaqyZ290qGucp2NiqzVlZWQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmElRDMmMmE1RwMjMmY3RDqCNmMmMTM2MmYmNTM0MmQmMwM4N0Q3QwQmMmUmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTAhMTA0OSZaZW9Mo25aPTthNwI5NSZ1p2VlSXBBZGRlPTE4NS4lMTMhMTU1LwE2OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTphMC40NwxlLwpkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYkZwp2MzFvM2ZuMzMzY2J1p3Rypw0kNwQmNwAlNwAmODI0JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D33315F30367D7B7331363635343432387D7B4335377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=185.213.155.169&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f762ab3fa2c&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810qigjmtry&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
c2636950e24a16cabde437cfe063116861f1c980d083fd02be2721f1be9bd3bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
5963
auction
tlx.3lift.com/header/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.18.0&referrer=https%3A%2F%2Fwegotthiscovered.com%2F&tmax=1200&gdpr=true&us_privacy=1---
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-69-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
69f089641908c420c8e09b3871ccf52e7b47dacee6c1d31a81ae06ffd61063b2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2199
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1643602603835&secure=true&version=9&mobile=false&title=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&url=https%3A%2F%2Fwegotthiscovered.com%2F&measurable=true&property=60c0ff8a18400d001f93c44c&bids[0][bidId]=wegotthiscovered_728x90-1&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[1][bidId]=wegotthiscovered_728x90-2&bids[1][sizes][0][width]=728&bids[1][sizes][0][height]=90&bids[2][bidId]=wegotthiscovered_300x250-1&bids[2][sizes][0][width]=300&bids[2][sizes][0][height]=250&bids[3][bidId]=wegotthiscovered_300x250-2&bids[3][sizes][0][width]=300&bids[3][sizes][0][height]=250&bids[4][bidId]=wegotthiscovered_300x250-3&bids[4][sizes][0][width]=300&bids[4][sizes][0][height]=250&bids[5][bidId]=wegotthiscovered_300x600-1&bids[5][sizes][0][width]=300&bids[5][sizes][0][height]=600&bids[6][bidId]=wegotthiscovered_970x250-1&bids[6][sizes][0][width]=970&bids[6][sizes][0][height]=250&foo
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.217.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-217-176.compute-1.amazonaws.com
Software
/ Express
Resource Hash
64dd95525173dc5246e7de8a90b5ef0b70fc81dfa28f95128655e9bbf06ef8c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
x-powered-by
Express
etag
W/"38-j+QluauoRNMzslKPSENrjRqTs14"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		392 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwegotthiscovered.com%2F
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
ae1dcff32bb920705348f39e8261e0bd0f6cb1c07671a75ed25c89ac8109d204
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
392
expires
0
cygnus
htlb.casalemedia.com/ 		58 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=684068&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229ec291b2-c79c-4d7e-a9a2-a3a537e5ac31%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-t7Mi3%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-t7Mi3%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22728x90-2-hrkRo%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-hrkRo%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22970x90-1-Ytvwr%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22970x90-1-Ytvwr%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A970%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22300x250-1-BLsnl%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-BLsnl%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-2-QxR8q%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-QxR8q%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-3-cojDy%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-cojDy%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-4-SeOgq%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-4-SeOgq%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x600-1-7QCyx%22%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-7QCyx%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22970x250-1-Sv5sc%22%2C%22bidfloor%22%3A1.25%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-1-Sv5sc%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A970%2C%22h%22%3A250%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22b8ed7f23-c3c3-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
05f6ec43a18a29b286afa7210544347956706d0035fa829256e1b52386e8d0eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.169], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
58
x-ak-client-geo
12
expires
Mon, 31 Jan 2022 04:16:43 GMT
/
hb.emxdgt.com/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1643602603837
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 31 Jan 2022 04:16:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		837 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=378212&zone_id=2088034&size_id=15%3B2%3B15%3B15%3B15%3B57&alt_size_ids=2%3B%3B%3B%3B10%3B&rp_floor=0.1%3B0.1%3B0.1%3B0.1%3B0.1%3B1.25&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=c9359f31-4f15-4dc5-9d74-4979ae3da742%3B92e12799-46a1-4e73-815d-29b30f020b28%3B4d74343c-dec9-45c6-80c4-189a6225234f%3B1402f2f4-3db3-429f-a99d-8b77881c4dde%3Bd027a098-d41b-4db4-8573-79060e89ea8e%3B92301c04-506f-4b43-88c6-63bbf69a8647&p_screen_res=1600x1200&tg_fl.eid=2088034-4%3B2088034-5%3B2088034-1%3B2088034-2%3B2088034-3%3B2088034-7&rf=https%3A%2F%2Fwegotthiscovered.com%2F&x_source.pchain=proper.io%3Ab8ed7f23-c3c3-11eb-8272-06ef03bc0096&ppuid=9b9bc193-1923-4c21-97db-f1da9d94784e&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=9b9bc193-1923-4c21-97db-f1da9d94784e%5E1&gdpr=1&us_privacy=1---&rp_schain=1.0%2C1!proper.io%2Cb8ed7f23-c3c3-11eb-8272-06ef03bc0096%2C1&slots=6&rand=0.10536589388411066
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
cc0acbbf5a82c65c6944bf7f07319ce12fc7a9c402d6a54998279be7a96107f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
837
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
0
trinity.json
apex.go.sonobi.com/ 		282 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222c7f33dec4dac1aef181%22%3A%222c7f33dec4dac1aef181%7C728x90%7C0.1%22%2C%22d3a5634c22c38b36c65c%22%3A%22d3a5634c22c38b36c65c%7C728x90%7C0.1%22%2C%22703655e503a7d7375380%22%3A%22703655e503a7d7375380%7C300x250%7C0.1%22%2C%22f9db147c25e11d5b246b%22%3A%22f9db147c25e11d5b246b%7C300x250%7C0.1%22%2C%228be984380e9d3e24214d%22%3A%228be984380e9d3e24214d%7C300x250%7C0.1%22%2C%22e75905403a42ff80ec58%22%3A%22e75905403a42ff80ec58%7C300x250%7C0.1%22%2C%22915ace92796b2155a77c%22%3A%22915ace92796b2155a77c%7C300x600%7C1%22%2C%22fa15dd19293ec019b59b%22%3A%22fa15dd19293ec019b59b%7C970x250%7C1.25%22%7D&ref=https%3A%2F%2Fwegotthiscovered.com%2F&s=7fbf39fd-bcfe-4264-96e0-d9e61abc1a7f&pv=a0015a08-f48b-453d-b94c-930c30fc14b1&vp=desktop&lib_name=prebid&lib_v=5.18.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%229b9bc193-1923-4c21-97db-f1da9d94784e%22%2C%22id5id%22%3A%7B%22uid%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22b8ed7f23-c3c3-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D&gdpr=true&us_privacy=1---
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
7977930e6270b12a76394b3377b52b334fa5d83a67ee8d57199387851a5424f0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-64
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
207
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		87 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
290da37ac84b04e9c396bcc44a3fd3451f9f120cdde81bc865d59dce99a91f12

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
81479160d751cc15348df1854bd41d2ab88276f163a08ebee2dfaaa73ea514fd

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0fed0a9895c267bfad9f04e60541aa5b2fc8263b2041d9a941e90120d02bb550

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8482aa6ef251f1c25551c351123772eb46dc4f2d4c1f547ff7c124b862743f35

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
bd7019a61423675e52bdba2f2e2da34cbdf002da173954e0189af0a4ae013e6f

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a6882cb265ba2e2b0ae64e04d8501ffaf944d1c9f3cca54e59d6cf9e22cdc61c

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.18.0&cb=33484885419&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/ 		115 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.18.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
a92ec1aa4020e811b3b4ed570edce2d9c600a8e6a5f167a78d0076069dcbb12f

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 31 Jan 2022 04:16:43 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wegotthiscovered.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
110
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=52Yh7Ui7pc8ss6U6rL4I8hAR&bidId=52Yh7Ui7pc8ss6U6rL4I8hAR&bidfloor=0.1&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=9b9bc193-1923-4c21-97db-f1da9d94784e&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22b8ed7f23-c3c3-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.184.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-184-159.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 31 Jan 2022 04:16:43 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=P0jqdJh1F5oblGVOhUmtzsOJ&bidId=P0jqdJh1F5oblGVOhUmtzsOJ&bidfloor=0.1&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=9b9bc193-1923-4c21-97db-f1da9d94784e&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22b8ed7f23-c3c3-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.184.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-184-159.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 31 Jan 2022 04:16:43 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=4odmH6fmUmDvYMQLfkysCZmO&bidId=4odmH6fmUmDvYMQLfkysCZmO&bidfloor=0.1&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=9b9bc193-1923-4c21-97db-f1da9d94784e&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22b8ed7f23-c3c3-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.184.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-184-159.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 31 Jan 2022 04:16:43 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=d1yhXU1BdmCwBzRjjNpeSjw9&bidId=d1yhXU1BdmCwBzRjjNpeSjw9&bidfloor=0.1&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=9b9bc193-1923-4c21-97db-f1da9d94784e&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22b8ed7f23-c3c3-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.184.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-184-159.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 31 Jan 2022 04:16:43 GMT
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		699 B
1021 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
38cbcc988d3d66998187112841e049d6875d913aba2b5b49b4a762eb051baf50
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fe70e368-2702-403b-bb2b-563e2039fe64
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
462
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1H6DVAA67DM3MCP7YMH7
date
Mon, 31 Jan 2022 04:09:34 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
73TeF0BKw0FkK4buLcQr8DESGnw5HSlORQg6QT1_4noLtfRtAGt5Gg==
arj
propermedia-d.openx.net/w/1.0/ 		73 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90%2C300x250%7C728x90%7C970x250%7C300x250%7C300x250%7C300x250%2C300x600&auid=544108942%2C544108943%2C544108948%2C544108949%2C544108950%2C544108953&aumfs=100%2C100%2C1250%2C100%2C100%2C100&dddid=5e083e62-6b96-435f-8a2c-373fd57c86ca%2Caa204175-73f4-4cc0-afce-05cae9d62d4d%2C32085cf1-4ad3-4b28-b413-023a9469c1f3%2C9163e2f8-29d2-45ae-94e8-0a96a780b758%2C1194332a-ea06-4e0f-909c-a98c87c92bda%2Cfb6b24b0-5fa5-455d-a7f5-8ec5d0241c06&divIds=openx-8f8e09ee-ace8-4057-b7c8-8f1d4530bc22%2Copenx-3e2a45d0-4456-48f0-a503-38d55f0f5db8%2Copenx-54362cca-840c-438c-a792-17be3be272a0%2Copenx-909dc195-f054-4690-9b08-374826f5efa4%2Copenx-a185787c-91bf-4638-bc9f-a95153d9bbe0%2Copenx-e36ac766-79db-402e-8ac3-846110f0aff7&be=1&bc=hb_pb_3.0.1&nocache=1643602603844&schain=1.0%2C1!proper.io%2Cb8ed7f23-c3c3-11eb-8272-06ef03bc0096%2C1&gdpr=1&x_gdpr_f=1&us_privacy=1---&id5id=0&_pubcid=9b9bc193-1923-4c21-97db-f1da9d94784e
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
24090898d9613ed1401241b5749947f6a82f7aae10173c6003c54e8cfc8021a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 2DF9 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.145.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-145-91.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
avjp
primis-d.openx.net/v/1.0/ Frame 2DF9 		106 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=985e50a3-6228-4bef-aa86-8e0c18ff90d6&nocache=1643602603907&gdpr_consent=&gdpr=1&schain=1.0%2C1!primis.tech%2C29569%2C1%2C%2C%2C&skip=1&auid=540289187&vwd=777&vht=437&aucs=adUnit_1&aumfs=5040
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2DF9 		173 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.61.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-61-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
09f6a0aa596a214258b9de31c9abe531ed8d0d529d8050f189c369c27755c4ee

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
translator
hbopenbid.pubmatic.com/ Frame 2DF9 		0
0
196297
search.spotxchange.com/openrtb/2.3/dados/ Frame 2DF9 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/196297?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
X-SpotX-Timing-Transform
0.000265
X-SpotX-Timing-SpotMarket
0.005252
X-SpotX-Timing-Page-Mux
0.000242
X-SpotX-Timing-Page-Require
0.000281
X-fe
139
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000024
X-SpotX-Timing-Page
0.008976
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000272
Last-Modified
Mon, 31 Jan 2022 04:16:44 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005252
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://wegotthiscovered.com
X-SpotX-Timing-Page-Misc
0.002628
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
vid61f45804de292873970762_thumb.jpg
video.primis.tech/uploads/cn25/video/users/converted/25037/video_5b435e74b8e31660401154/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn25/video/users/converted/25037/video_5b435e74b8e31660401154/vid61f45804de292873970762_thumb.jpg?cbuster=1643407316
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
2503edb516664f1526dea7dbfafcb4e76f213638ac90f837aab9f0dba955f98a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jan 2022 22:07:15 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"ac9260c5d541b9bc1fb9117416d18765"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 14 Feb 2022 04:16:43 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3967
x-amz-cf-id
T1mqAmbr0E-R-WUT0tHiqKyujzb0B2Uxd54HbFZU7RXWYVibqpia0A==
x-proxy-cache
HIT
vid61f6e64b3cb9e754297757_thumb.jpg
video.primis.tech/uploads/cn2/video/users/converted/24485/video_5c07da0dbca38732888483/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn2/video/users/converted/24485/video_5c07da0dbca38732888483/vid61f6e64b3cb9e754297757_thumb.jpg?cbuster=1643570766
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
001083666ce523cc9fb81fe98cec61abdc8d9d254f21ad73b2004092c3074e2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 a33954238ddc352c152e2314fffad1ae.cloudfront.net (CloudFront)
last-modified
Sun, 30 Jan 2022 19:27:30 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"0d472c287e1bae658af50294bec6db4e"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 14 Feb 2022 04:16:43 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2470
x-amz-cf-id
il0_Q4fYqZzpNWgQv3NCcSJmkEqs1eFHnPPJqC8kPpCYVmpC96prdw==
x-proxy-cache
HIT
vid61db00a73dbe9780547379_thumb.jpg
video.primis.tech/uploads/cn6/video/users/converted/29267/video_5f2a767e592ca786766237/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn6/video/users/converted/29267/video_5f2a767e592ca786766237/vid61db00a73dbe9780547379_thumb.jpg?cbuster=1643102031
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
7353393b2cd3fa7cd790141db2cfc7dc5a061dbe36918570de79b6348c65ec33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
last-modified
Sun, 09 Jan 2022 15:36:55 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"46890b7d6e8c862e96274b5899093a5c"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 14 Feb 2022 04:16:43 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3030
x-amz-cf-id
bOk1yJWEbE9vV8If57SlUe5v7h7kKIdHp-EmZ0Yzhmo2TWCnyM7xaA==
x-proxy-cache
HIT
vid61f1d9f9d5c24924849279_thumb.jpg
video.primis.tech/uploads/cn24/video/users/converted/25037/video_5b435e74b8e31660401154/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn24/video/users/converted/25037/video_5b435e74b8e31660401154/vid61f1d9f9d5c24924849279_thumb.jpg?cbuster=1643242101
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
9c79cd27e75133bac4fb4134f774bab87c719f66d06217ce484d874a36e8659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 78d8604061740cf37281a862360cef5c.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jan 2022 00:10:34 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"fdd1954846542e6205cb61dbf8595670"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 14 Feb 2022 04:16:43 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4028
x-amz-cf-id
VAXNZxc_vnmKUMrYHBzPj8YAUlsufRNAhWKntVUE1UTs0qpmsSu4Xg==
x-proxy-cache
HIT
vid61f3d8e7ccee5062578811_thumb.jpg
video.primis.tech/uploads/cn25/video/users/converted/25037/video_5b435e74b8e31660401154/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn25/video/users/converted/25037/video_5b435e74b8e31660401154/vid61f3d8e7ccee5062578811_thumb.jpg?cbuster=1643371703
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
2c350eeeab7ab463771799736b4db2531a27fb4c410e5b534275cb8eea533e7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jan 2022 12:10:05 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"49bf6bb885ae84df001ae989428956c4"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 14 Feb 2022 04:16:43 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4496
x-amz-cf-id
tmIHtoIRyWpr4nCWve2yMmmGuynRTlf6w6nBK7PWytG_bEQmHDlOvw==
x-proxy-cache
HIT
vid61f5dcfaf0b46539039986_thumb.jpg
video.primis.tech/uploads/cn2/video/users/converted/24485/video_5c07da0dbca38732888483/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn2/video/users/converted/24485/video_5c07da0dbca38732888483/vid61f5dcfaf0b46539039986_thumb.jpg?cbuster=1643502845
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
c9cf58280bd643f12e44ec9372a562ce40ced9666a83db84ae1af3380485dd61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified
Sun, 30 Jan 2022 00:36:56 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"b8b981ec5f462f2705bf9fa40ba1523d"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 14 Feb 2022 04:16:43 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2633
x-amz-cf-id
ArUTJQpBkTCfSbfz-LOZATpI17jqiosyc8YrNjPI3i9_oMpTTlw91Q==
x-proxy-cache
HIT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1204189250&t=pageview&_s=1&dl=https%3A%2F%2Fwegotthiscovered.com%2F&ul=en-us&de=UTF-8&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1680348163&gjid=2031663797&cid=1303867104.1643602604&tid=UA-17178859-1&_gid=722690745.1643602604&_r=1&gtm=2ou1q0&z=805442374
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1204189250&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwegotthiscovered.com%2F&ul=en-us&de=UTF-8&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1303867104.1643602604&tid=UA-17178859-1&_gid=722690745.1643602604&gtm=2ou1q0&z=1954665015
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jan 2022 10:56:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62417
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
tp2
spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/ 		2 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/plow.lite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://wegotthiscovered.com
x-cloud-trace-context
1acb6cc689abed08767fc1252093a415
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
tp2
spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://wegotthiscovered.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
x-cloud-trace-context
a440932acc2c8c541690ce0da354a235
date
Mon, 31 Jan 2022 04:16:44 GMT
content-type
text/html
server
Google Frontend
content-length
0
via
1.1 google
alt-svc
clear
2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtuZnIGaV3w.woff2
fonts.gstatic.com/s/assistant/v8/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/assistant/v8/2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtuZnIGaV3w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5aecd2ce89702ca4f7f04c04e45dc63195c2aa23ba78c169d37885cb98388b87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 21:24:12 GMT
x-content-type-options
nosniff
age
543152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11188
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:35:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 21:24:12 GMT
pubads_impl_2022012506.js
securepubads.g.doubleclick.net/gpt/ 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 22:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122264
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 15:13:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 22:52:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		292 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wegotthiscovered.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1e4a992da2b7d1d16784aa34d4c482fdb23ec4dcfd2454dbbdb2431bdbb2ad81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 04:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
152
x-xss-protection
0
expires
Mon, 31 Jan 2022 04:16:44 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2DF9 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
3856
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Mon, 31 Jan 2022 03:13:14 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
FX4cGe_PlCi3UXNzMWTRk9XM9PawyXYpw0oH85oOMCv5eYdg0XJJww==
PugMaster
image6.pubmatic.com/AdServer/ Frame AE30 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99853559&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f762ab3fa2c%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:42 GMT
content-length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
3856
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Mon, 31 Jan 2022 03:13:14 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
CotkZZ3iP9YKYqpDOMHV2X5rIg6VTHngYnn3CJiH97dtL2tEWloZcw==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwegotthiscovered.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
831eaf6f1c288f766382de0ff923046ec00f3e7346af39b1849c0630203215ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 01:02:15 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
Server
age
11669
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
content-length
1123
x-amz-cf-id
ZqwqElbmksNN-3cif96Pk_Hl7SYndOZyNgiFPO9EWorQ2mAz02wajw==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwegotthiscovered.com%2F&pid=ntYW82U2tS99B&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-7%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2Cb8ed7f23-c3c3-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A25%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
EGQ1Z625CB62FRK83FSY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
Hl0zqDo1fwnLU5p50CwPlKwBTh_tisYuMo-_ZyrM-U1DNPfohGGziA==
v2icbvkbct8r2N0tmIhfOLPbcvpVE3QjsAdyZIKkAiqDBgnhazNPUGEMrIW-6fsZIFN9T_ILL
superficialeyes.com/ 		209 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2icbvkbct8r2N0tmIhfOLPbcvpVE3QjsAdyZIKkAiqDBgnhazNPUGEMrIW-6fsZIFN9T_ILL
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4fdd1311b00d3e615004db15d63b4ef846dc3299f77cf981f8065ad4647a3409
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 31 Jan 2022 04:16:44 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-c63t
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Mon, 31 Jan 2022 04:16:43 GMT
cookie
cm.adform.net/ Frame FFF7 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Mon, 31 Jan 2022 04:16:44 GMT
content-type
image/gif
content-length
43
csync
sync.console.adtarget.com.tr/ Frame 690B 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Length
0
Etag
a4618615eb09ee5a
csync
sync.console.adtarget.com.tr/ Frame 7BEF 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Length
0
Etag
a4618615eb09ee5a
csync
sync.console.adtarget.com.tr/ Frame 3E36 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Length
0
Etag
a4618615eb09ee5a
csync
sync.console.adtarget.com.tr/ Frame 7FEC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cjYWb9F5crrn6YLC1eJ5&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cjYWb9F5crrn6YLC1eJ5&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Length
0
Etag
a4618615eb09ee5a

Redirect headers

date
Mon, 31 Jan 2022 04:16:44 GMT Mon, 31 Jan 2022 04:16:44 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cjYWb9F5crrn6YLC1eJ5&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame 30EF
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d0d9b838b22691e322eda75698f155543522b91efb5a876591478a57f6cf656a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Mon, 31 Jan 2022 04:16:44 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Mon, 31 Jan 2022 04:16:44 GMT
x-sid
AMS-742
content-encoding
gzip

Redirect headers

server
openresty
date
Mon, 31 Jan 2022 04:16:44 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-742
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0A9E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=60144
expires
Mon, 31 Jan 2022 20:59:08 GMT
date
Mon, 31 Jan 2022 04:16:44 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 6ADE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
date
Mon, 31 Jan 2022 04:13:26 GMT
last-modified
Mon, 31 Jan 2022 04:13:23 GMT
etag
W/"5550fca00caf055568d6ced373f2721f"
cache-control
max-age=7200
x-amz-version-id
_hLB71V3U_M.Sjh6z.6hnFMkTk.HukKI
server
AmazonS3
content-encoding
br
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
_JioDXSDMtcLfYAA7MRf9kQp5w461Gez8camAEdn2TqbdJYslD9plA==
age
199
user
cdn.admatic.com.tr/ Frame 87D7 		251 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.1.242 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-463.bunnyinfra.net
Software
BunnyCDN-IL1-463 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-IL1-463
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-storageserver
DE-51
cdn-fileserver
141
cdn-proxyver
1.0
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-cachedat
10/26/2021 01:32:42
cdn-edgestorageid
463
cdn-status
200
cdn-requestid
df0bd5e0b4a4f1c67a6e808e6912f148
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 5066 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Length
0
Etag
a4618615eb09ee5a
csync
sync.console.adtarget.com.tr/ Frame 3C46 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
VertaMedia 1.0
Etag
a4618615eb09ee5a
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 3C46 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
VertaMedia 1.0
Etag
a4618615eb09ee5a
Content-Length
43
Content-Type
image/gif
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17178859-1&cid=1303867104.1643602604&jid=1680348163&gjid=2031663797&_gid=722690745.1643602604&_u=YEBAAUAAAAAAAC~&z=744764770
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 31 Jan 2022 04:16:44 GMT
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=226866098399083&ev=Microdata&dl=https%3A%2F%2Fwegotthiscovered.com%2F&rl=&if=false&ts=1643602604079&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22All%20the%20latest%20news%2C%20trailers%20%26%20reviews%20for%20movies%2C%20video%20games%2C%20music%20and%20TV.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered%22%2C%22og%3Adescription%22%3A%22All%20the%20latest%20news%2C%20trailers%20%26%20reviews%20for%20movies%2C%20video%20games%2C%20music%20and%20TV.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%2C%22og%3Asite_name%22%3A%22We%20Got%20This%20Covered%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%3Fs%3D%7Bsearch_term_string%7D%26submit%3D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.1.1643602603557.718828742&it=1643602603240&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 31 Jan 2022 04:16:44 GMT
ats.js
ats.rlcdn.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
8172
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Mon, 31 Jan 2022 03:50:34 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/x-javascript
x-amz-cf-id
EViABusils1qhHF_iRaFuhTglXtoubSaCE8a1sYBUOshdQWUc0ttUw==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Mon, 31 Jan 2022 04:15:29 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10430
x-request-id
1041468075
v2rjkZJ-I-vo7pTo6EzLrKFylFNncvEgg23GtR0w6Se7keoVFt_rASDhwosRwbU2-NC-e7lvl
superficialeyes.com/ 		402 B
436 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2rjkZJ-I-vo7pTo6EzLrKFylFNncvEgg23GtR0w6Se7keoVFt_rASDhwosRwbU2-NC-e7lvl
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
3129a320e114560a9f71fc38c12418741705cb0b4b09072932f307af94f74589
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 31 Jan 2022 04:16:44 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-c63t
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
402
um
u-ams02.e-planning.net/ Frame 30EF
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dc9d114716353b24f
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=c9d114716353b24f
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=c9d114716353b24f
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=c9d114716353b24f
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 30EF 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dc9d114716353b24f%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:43 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
08q4p5g9fpsckg4mp0mbupbm6ahoepcu
ptag
a.audrte.com/ Frame 30EF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.248.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-248-174.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1ce89e710be9b5567f89e1c8ed91b8511f17a04cee607a64644f4daed772dccf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 30EF 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 30 Jan 2027 04:16:44 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 30EF
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dc9d114716353b24f
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Mon, 31 Jan 2022 04:16:44 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 30EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc9d114716353b24f%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c9d114716353b24f&uid=1404262804935752776
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c9d114716353b24f&uid=1404262804935752776
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
06d6beb9-fb3c-463f-9cfc-119f2a1a3cfe
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c9d114716353b24f&uid=1404262804935752776
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 37B2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jan 2022 04:16:44 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Mon, 31 Jan 2022 04:16:44 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 883C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc9d114716353b24f%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=60144
expires
Mon, 31 Jan 2022 20:59:08 GMT
date
Mon, 31 Jan 2022 04:16:44 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 2095 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9d114716353b24f%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aa397bf938b1903df90d04571c2c064fcb16e5afdabbde248835f6127b988578

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|45|39|65|8|81|46
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 31 Jan 2022 04:16:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Length
1648
Connection
keep-alive
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame FF96 		1 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:27 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
H
cf4age
0
x-cf-tsc
1641922229
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fA.fra2:co:1585621119:cacheN.fra2-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame 9B3F 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 489B 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
360e772a6f529a59f42413cc339962db56217c638ff4b82be8e570a27b307bc7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d6020541afe694c-FRA
content-encoding
br
5376056
fundingchoicesmessages.google.com/i/ 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/5376056?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2729f05deecd91bf2a635fe74524b5700ad387e237e618047826d0ebc7e3e13f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-sqHVf64YwcdVbxNTxvJtUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-sqHVf64YwcdVbxNTxvJtUA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-sqHVf64YwcdVbxNTxvJtUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-sqHVf64YwcdVbxNTxvJtUA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
date
Mon, 31 Jan 2022 04:16:44 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
geo.privacymanager.io/ 		30 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-9.fra2.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 14:33:18 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront), 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
age
49406
x-amzn-requestid
2ae869fc-2b1f-4987-a774-03a7ed30c3ab
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61f6a1ae-28f515a36690d82c25ff000c;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1, FRA2-C2
x-amz-apigw-id
Mw4zOFF-DoEFp-w=
content-length
30
x-amz-cf-id
OjYes7NwYmxZTu0plwSvnf1dUVXmi9TelU53xCX-C6gRuOpB9A2v7g==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
uu
ih.adscale.de/ Frame 6ADE
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1643602604
  • https://ih.adscale.de/uu?cbfn=receive&t=1643602604&nut&uu=a29fef31fb034b0ebb50a3ecac259eed
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1643602604&nut&uu=a29fef31fb034b0ebb50a3ecac259eed
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e711293b95a657aa56a2f13594008395a42c3eef9845ab19d791e2e2324749f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1643602604&nut&uu=a29fef31fb034b0ebb50a3ecac259eed
date
Mon, 31 Jan 2022 04:16:44 GMT
content-length
0
getuid
ib.adnxs.com/ Frame 489B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 489B 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=1ddb5243-cc4b-474c-ab99-1b8c4c56598c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=1ddb5243-cc4b-474c-ab99-1b8c4c56598c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d602055cded694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=1ddb5243-cc4b-474c-ab99-1b8c4c56598c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 489B 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D0...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D0...
  • https://mwzeom.zeotap.com/mw?cid=43d1e780-f893-4604-a520-ff205777493f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=43d1e780-f893-4604-a520-ff205777493f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d6020560e75694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=43d1e780-f893-4604-a520-ff205777493f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 489B 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1643602604.304334,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4044-HHN
u
dmp.v.fwmrm.net/ad/ Frame 489B 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f00:3e0:6686:45e9:a16e Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:45 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 489B 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d52aa8b-c114-40a9-4378-3f68326fd8ef%26reqId%3D01c8215a-1877-4384-750a-a250f5d2d31c%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=9f8349d5-d8cd-4274-a802-1ef3c226383a&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=9f8349d5-d8cd-4274-a802-1ef3c226383a&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d602057a8e9694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=9f8349d5-d8cd-4274-a802-1ef3c226383a&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=0d52aa8b-c114-40a9-4378-3f68326fd8ef&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=0d52aa8b-c114-40a9-4378-3f68326fd8ef&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=43224408320907221813653725664438693181&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=43224408320907221813653725664438693181&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d6020560e77694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v027-0aefd9347.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
VZt9H58nSm0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=43224408320907221813653725664438693181&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 489B 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
zeotap.php
bn01.er.bemail.it/ Frame 489B 		0
0
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7059219431804303511&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7059219431804303511&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d6020558d90694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7059219431804303511&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 489B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=0d52aa8b-c114-40a9-4378-3f68326fd8ef
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0d52aa8b-c114-40a9-4378-3f68326fd8ef
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0d52aa8b-c114-40a9-4378-3f68326fd8ef
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0d52aa8b-c114-40a9-4378-3f68326fd8ef
date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0d52aa8b-c114-40a9-4378-3f68326fd8ef&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0d52aa8b-c114-40a9-4378-3f68326fd8ef&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=t/uuP27xiZW3L.7FvZ.QMe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-43...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=t/uuP27xiZW3L.7FvZ.QMe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d60205798d1694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
last-modified
Mon, 31 Jan 2022 04:16:44 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=t/uuP27xiZW3L.7FvZ.QMe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 489B 		36 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=0d52aa8b-c114-40a9-4378-3f68326fd8ef&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.103 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=0d52aa8b-c114-40a9-4378-3f68326fd8ef?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=0d52aa8b-c114-40a9-4378-3f68326fd8ef?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=5a9089010ef95d7e43f056632fda53d1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-18...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=5a9089010ef95d7e43f056632fda53d1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d602057b90d694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=5a9089010ef95d7e43f056632fda53d1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
cache-control
no-cache
x-server
10.45.7.217
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-qd.I7glE2ooLIZS7MluA7DZg5MD8GZZI_A--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-qd.I7glE2ooLIZS7MluA7DZg5MD8GZZI_A--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d60205788b2694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 31 Jan 2022 04:16:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-qd.I7glE2ooLIZS7MluA7DZg5MD8GZZI_A--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=A6Vgz1bOeKmymLb99cflEQyxQ%2FQhXUwT%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=A6Vgz1bOeKmymLb99cflEQyxQ%2FQhXUwT%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d602057587d694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=A6Vgz1bOeKmymLb99cflEQyxQ%2FQhXUwT%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usermatch.gif
beacon.krxd.net/ Frame 489B 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1643602604
x-served-by
beacon-n010-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 489B 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=0d52aa8b-c114-40a9-4378-3f68326fd8ef&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfdirAACmS-prwBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a25...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfdirAACmS-prwBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361&_test=YfdirAACmS-prwBB
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d602057f997694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643602605.792468,VS0,VE0
x-served-by
cache-hhn4041-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfdirAACmS-prwBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361&_test=YfdirAACmS-prwBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d602057f982694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
MT3 4133 baa842e master cdg-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 31 Jan 2022 04:16:43 GMT
usermatch.gif
beacon.krxd.net/ Frame 489B
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OokKdoM4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=0d52aa8b-c114-40a9-4378-3f68326fd8ef
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=0d52aa8b-c114-40a9-4378-3f68326fd8ef
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1643602605
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 31 Jan 2022 04:16:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=0d52aa8b-c114-40a9-4378-3f68326fd8ef
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d6020599bf3694c-FRA
access-control-allow-headers
*
dcm
aax-eu.amazon-adsystem.com/s/ Frame 489B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0d52aa8b-c114-40a9-4378-3f68326fd8ef&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-437...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0d52aa8b-c114-40a9-4378-3f68326fd8ef&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-437...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0d52aa8b-c114-40a9-4378-3f68326fd8ef&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
S9RFG16J41RG5HMPE0K3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F64H223FSWYXVGRBQTDF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0d52aa8b-c114-40a9-4378-3f68326fd8ef&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 489B 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=0d52aa8b-c114-40a9-4378-3f68326fd8ef&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.42.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-42-102.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 489B
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0d5...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d602058eb09694c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
date
Mon, 31 Jan 2022 04:16:44 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 489B 		557 B
498 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d57273e78fb1aa3130311be9bbd6929b8c8d2e622ff1289ad4bd6ef046922fad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d602054dc1d694c-FRA
date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Mon, 31 Jan 2022 04:16:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
usync.js
eus.rubiconproject.com/ Frame 37B2 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
73aa0b3eb13e34e7e7030368de080660d9ca41b583ad4eada429df8d631f5a47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44722
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Mon, 31 Jan 2022 16:42:06 GMT
ConsentManager
superficialeyes.com/v2nkg79eXKyxZUoiW2ABEfjFKdfEEqjRHNBNQhhW7YtAJs18BnZ7gV42Fovn8Iy3z5HuR_Vc/ 		246 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2nkg79eXKyxZUoiW2ABEfjFKdfEEqjRHNBNQhhW7YtAJs18BnZ7gV42Fovn8Iy3z5HuR_Vc/ConsentManager
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
74647fa1512f4be36775eef767cdae9c315f38f8fcbb494c9bcae35fc7119298
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"f75ca3ac8c1ea97347c07faf0cbb59c685df610b4a21419e55aa92ace8e9eb1a"
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-c63t
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date
Mon, 31 Jan 2022 04:16:44 GMT
dcm
s.amazon-adsystem.com/ Frame 2095
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfdiqxOUss2MGpDOxESJyAAABHMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfdiqxOUss2MGpDOxESJyAAABHMAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfdiqxOUss2MGpDOxESJyAAABHMAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9d114716353b24f%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2PRRW428MDMDH5E7MEKX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PMRYK2AZW1HPKWYQ0NNJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfdiqxOUss2MGpDOxESJyAAABHMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2095 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfdiqxOUss2MGpDOxESJyAAABHMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9d114716353b24f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2095
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfdiqxOUss2MGpDOxESJyAAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YfdiqxOUss2MGpDOxESJyAAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMLrjFdiCjrYPgblsjas0b0&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMLrjFdiCjrYPgblsjas0b0&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9d114716353b24f%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 04:16:44 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMLrjFdiCjrYPgblsjas0b0&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2095 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9d114716353b24f%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum.casalemedia.com/ Frame 2095
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643689004&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643689004&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9d114716353b24f%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 31 Jan 2022 04:16:44 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643689004&gdpr=1
pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 2095
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a2305f4b-2b6e-4475-a6a8-6d08380d48d3&expiration=1675138604
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a2305f4b-2b6e-4475-a6a8-6d08380d48d3&expiration=1675138604
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9d114716353b24f%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 04:16:44 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a2305f4b-2b6e-4475-a6a8-6d08380d48d3&expiration=1675138604
date
Mon, 31 Jan 2022 04:16:44 GMT
server
Kestrel
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 2095
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_cNUgP3AU9TmkAOH8ssf1K2WB4TmwgqFqsWKFhXj
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_cNUgP3AU9TmkAOH8ssf1K2WB4TmwgqFqsWKFhXj
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9d114716353b24f%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 04:16:44 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_cNUgP3AU9TmkAOH8ssf1K2WB4TmwgqFqsWKFhXj
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
getuid
secure.adnxs.com/ Frame 2095 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9d114716353b24f%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
um
u-ams02.e-planning.net/ Frame 2095 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=c9d114716353b24f&uid=YfdiqxOUss2MGpDOxESJyAAA%261139
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9d114716353b24f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
server
openresty
content-type
image/gif
css2
fonts.googleapis.com/ 		7 KB
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2nkg79eXKyxZUoiW2ABEfjFKdfEEqjRHNBNQhhW7YtAJs18BnZ7gV42Fovn8Iy3z5HuR_Vc/ConsentManager
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b35bf395eacb6c9729106a9e6a6e12856c8bab8f9109a4fae0f7704b60a22b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 02:30:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 04:16:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jan 2022 04:16:44 GMT
cmp
spl.zeotap.com/ Frame 489B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d602057283e694c-FRA
userconnect.js
js.adscale.de/ Frame 6ADE 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:13:26 GMT
content-encoding
br
last-modified
Mon, 31 Jan 2022 04:13:23 GMT
server
AmazonS3
age
199
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
x9qDT45C9r4Bc2KtQfWSLkTQZWQJmQpZ
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
PtV2UOS0FrqL4H1esYqNzOsZ0wzrAkb_s96aigkVzjbwPjzMdUFHnA==
csync
sync.console.adtarget.com.tr/ Frame 6ADE 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=a29fef31fb034b0ebb50a3ecac259eed
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
VertaMedia 1.0
Etag
e8531e1bad655ca5
Content-Length
0
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wegotthiscovered.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 14:44:06 GMT
x-content-type-options
nosniff
age
394358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37780
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 17:59:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 14:44:06 GMT
s2s
eb.proper.io/ 		373 B
1003 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-google-sra-timeout-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2e4cd06909b76e8e9ee20109f9caccc0b162c52a28b3ee928f3c4e1f3102a2

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:271
cf-ray
6d602055fba06993-FRA
expires
-1
AGSKWxWcmSRxzakWNTB9ebOOxcCIlMwQQfxN_2YIpr0lwFlP_Bwd3ioh07YBDSeY5gdLsWUJfE7qpxLhEhe2h7lu4sQ=
fundingchoicesmessages.google.com/el/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWcmSRxzakWNTB9ebOOxcCIlMwQQfxN_2YIpr0lwFlP_Bwd3ioh07YBDSeY5gdLsWUJfE7qpxLhEhe2h7lu4sQ=?pvid=7B5E9017-BAC5-4AA6-A744-EF85512C138B&anonid=45BE4974-C7F0-4F0C-B149-569AE3B3D022
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LafblIpCQPU.es5.O/d=1/rs=AJlcJMxRtt97qCr8umF-oBux_5T1hJPIvA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A3kF4t4WNRvN3NNd0N2ycQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-A3kF4t4WNRvN3NNd0N2ycQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-A3kF4t4WNRvN3NNd0N2ycQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-A3kF4t4WNRvN3NNd0N2ycQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWn0bPrPA_xhSphDzeuJHHjme0a0KrHR36kvlXIqZsWWZ_HffDpTUZjrbycmnYjJ0kcotdQ2WsgFOva-IAMTsk=
fundingchoicesmessages.google.com/f/ 		274 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWn0bPrPA_xhSphDzeuJHHjme0a0KrHR36kvlXIqZsWWZ_HffDpTUZjrbycmnYjJ0kcotdQ2WsgFOva-IAMTsk=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNjAyNjA0LDQ4NzAwMDAwMF0sIjdCNUU5MDE3LUJBQzUtNEFBNi1BNzQ0LUVGODU1MTJDMTM4QiIsIjQ1QkU0OTc0LUM3RjAtNEYwQy1CMTQ5LTU2OUFFM0IzRDAyMiIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3dlZ290dGhpc2NvdmVyZWQuY29tLyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LafblIpCQPU.es5.O/d=1/rs=AJlcJMxRtt97qCr8umF-oBux_5T1hJPIvA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1df14a1aa5492265fc073290d8b83eb236f984d1b5dc87d4f1909dd2ac82389
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mwd4lAsH0twM7MljjG6big' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-mwd4lAsH0twM7MljjG6big' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-mwd4lAsH0twM7MljjG6big' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-mwd4lAsH0twM7MljjG6big' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
v2icbvkbct8r2N0tmIhfOLPbcvpVE3QjsAdyZIKkAiqDBgnhazNPUGEMrIW-6fsZIFN9T_ILL
superficialeyes.com/ 		254 B
291 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2icbvkbct8r2N0tmIhfOLPbcvpVE3QjsAdyZIKkAiqDBgnhazNPUGEMrIW-6fsZIFN9T_ILL
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
86e2a0829ac9ef49b49738ed5e75f79624362ccc389f6b831cccd2d043a69fb6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 31 Jan 2022 04:16:44 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-c63t
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
254
expires
Mon, 31 Jan 2022 04:16:43 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame 30EF 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-126.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 03:30:13 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
2799
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 3588568928e677ce9bb8aedfd6e0ea04.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
28MHLnwWuadnu2-ciaDyWTG4ZYCO37-egwnSOwBLLOyHu5xLHZnWkg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 0B1A 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Mon, 31 Jan 2022 04:16:44 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sat, 30 Jan 2027 04:16:44 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 5F40 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AMSnymj41j5pYSlt
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Mon, 31 Jan 2022 04:16:44 GMT
Content-Length
0
Etag
b7480c517573be4b
bundle.js
cdn.admatic.com.tr/user/ Frame 87D7 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.1.242 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-463.bunnyinfra.net
Software
BunnyCDN-IL1-463 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
content-encoding
br
cdn-edgestorageid
463
cdn-fileserver
122
cdn-storageserver
NY-95
cdn-cachedat
01/04/2022 06:38:30
cdn-pullzone
266102
server
BunnyCDN-IL1-463
last-modified
Fri, 12 Mar 2021 04:24:49 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"604aed11-d908"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
9b052a9ef3a834cc207278afb79a2e72
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
userconnect
ih.adscale.de/ Frame 6ADE 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1643602604680&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
content-length
149
content-type
application/javascript
GS.d
js.cookieless-data.com/ Frame 0B1A 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1643602604693
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.113 Lignieres-Sonneville, France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-113.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
map
ih.adscale.de/ Frame 9F68 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1372e4964d1b62eee0aede17a2a8b6b9977044efe56dcbd669f51c43bf8a65e5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
match.js
js.adscale.de/ Frame 9F68 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:13:26 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 04:13:23 GMT
server
AmazonS3
age
199
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
i0C4LVVJ4Bp4NqgqzrT2K9wD8vbMpneC
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
A6CibzABFTb_gC9FH9Vx72G0p5BzkwPb2sTQZ5uwVK8P241i7DwoPQ==
img
ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/ Frame 9F68
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=a29fef31fb034b0ebb50a3ecac259eed&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=101&tpuid=BBID-01-03183166047919736-16513560
49 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=101&tpuid=BBID-01-03183166047919736-16513560
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=101&tpuid=BBID-01-03183166047919736-16513560
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 37B2 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&us_privacy=1---&khaos=KZ26JY41-V-LO5W
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
user
ads3.admatic.com.tr/ Frame 87D7 		77 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
cc025d3b1a95148a510f480bd33a1ea0c91b4d9bf78485e89cd73a3dc421fe98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 04:16:44 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
81
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 9F68
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=92331eaac5d6ab4ec5995d443...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YfdiqxOUss2MGpDOxESJyAAA%261139
49 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YfdiqxOUss2MGpDOxESJyAAA%261139
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YfdiqxOUss2MGpDOxESJyAAA%261139
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Mon, 31 Jan 2022 04:16:44 GMT
img
ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/ Frame 9F68
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=ffb3344fd28876ce85c4fafa25c229e336c420335ae85259a92ee358f3338841&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=ffb3344fd28876ce85c4fafa25c229e336c420335ae85259a92ee358f3338841&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb...
  • https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=42&gdpr=0&tpuid=1693832102025013925
49 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=42&gdpr=0&tpuid=1693832102025013925
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
server
nginx
location
https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=42&gdpr=0&tpuid=1693832102025013925
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
709414.gif
id.rlcdn.com/ Frame 37B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 37B2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&expires=28
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Content-Type
image/gif

Redirect headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 04:16:43 GMT
tap.php
pixel.rubiconproject.com/ Frame 37B2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfdirAACmS-prwBB&us_privacy=1---
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfdirAACmS-prwBB&us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643602605.907030,VS0,VE0
x-served-by
cache-hhn4041-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfdirAACmS-prwBB&us_privacy=1---
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame 37B2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 37B2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7MX5qHsJ2Bn6OFwTRIZWBQ?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7578564428221389362
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7578564428221389362
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Content-Type
image/gif

Redirect headers

date
Mon, 31 Jan 2022 04:16:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7578564428221389362
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 37B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_CNm2yMh7ecu1HURrAAcg&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_CNm2yMh7ecu1HURrAAcg&google_cver=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_CNm2yMh7ecu1HURrAAcg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 37B2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjJiMjZjNjE0ODUwZDkyNDVlOTNmOTBkOWZlMTlmOTI2YjM5OTI4Ng&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjJiMjZjNjE0ODUwZDkyNDVlOTNmOTBkOWZlMTlmOTI2YjM5OTI4Ng&us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjJiMjZjNjE0ODUwZDkyNDVlOTNmOTBkOWZlMTlmOTI2YjM5OTI4Ng&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0963d041a95f271fbba7f411adc03573
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 37B2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyNkpZNDEtVi1MTzVX&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyNkpZNDEtVi1MTzVX&us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1oyNkpZNDEtVi1MTzVX&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0963d041a95f271fbba7f411adc03573
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 9F68
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=616c3d3a-fff4-435c-8d1b-c7b0ee43c563&gdpr=0
49 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=616c3d3a-fff4-435c-8d1b-c7b0ee43c563&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:44 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=616c3d3a-fff4-435c-8d1b-c7b0ee43c563&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1759933
content-length
0
expires
Mon, 31 Jan 2022 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 9F68
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=558d9aa73fab9b5845ecd9eb...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&gdpr=0&gdpr_consent=
49 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:44 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 31 Jan 2022 04:16:44 GMT
Server
MT3 4133 baa842e master cdg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d5ad61f7-62ac-4700-aeaf-9b91d12a736f&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 04:16:43 GMT
img
ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/ Frame 9F68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=252497aa8e8eb93c514c6fa38a31a27772bfe310820c0f8e527f30bdec7aff5f&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9...
  • https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?uid=252497aa8e8eb93c514c6fa38a31a27772bfe310820c0f8e527f30bdec7aff5f&tpid=38&gdpr=0&tpuid=CAESEFvHlS98sMvUIbcB0z9x4SU...
49 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?uid=252497aa8e8eb93c514c6fa38a31a27772bfe310820c0f8e527f30bdec7aff5f&tpid=38&gdpr=0&tpuid=CAESEFvHlS98sMvUIbcB0z9x4SU&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:45 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?uid=252497aa8e8eb93c514c6fa38a31a27772bfe310820c0f8e527f30bdec7aff5f&tpid=38&gdpr=0&tpuid=CAESEFvHlS98sMvUIbcB0z9x4SU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/ Frame 9F68
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b6457eb75a57dea0b3b7c3%2F1643602604700%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=75&tpuid=1404262804935752776&gdpr=0
49 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=75&tpuid=1404262804935752776&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:45 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 04:16:45 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 878.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
065d8f57-c9e1-43fe-808b-af22329621ca
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/img?tpid=75&tpuid=1404262804935752776&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
js
ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/ Frame 9F68
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=6d3311258ee7ff6e693433b25496e3c1036c6392d035873b6789b35071b6a0f2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b645...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=6d3311258ee7ff6e693433b25496e3c1036c6392d035873b6789b35071b6a0f2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fec9b6273a8b645...
  • https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/js?tpid=48&tpuid=2995162ffdc4ff231fcff14d228a2774
44 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/js?tpid=48&tpuid=2995162ffdc4ff231fcff14d228a2774
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
637b0fc8580800ffac2259a961102847d2efe969192aac4fcc0bb6cc4591dab1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:45 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Mon, 31 Jan 2022 04:16:45 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/ec9b6273a8b6457eb75a57dea0b3b7c3/1643602604700/0/js?tpid=48&tpuid=2995162ffdc4ff231fcff14d228a2774
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
new
ads3.admatic.com.tr/user/ Frame 87D7 		171 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
b0cd2222a5c595e25f933bd997ee06638c753b69a27ab47ea8aa5fe45d19309f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 04:16:44 GMT
content-encoding
br
etag
VyHLlRuBAfT-BerRcyoo_esdgtefTTYM_mjaPSIAb9XG6-6ooTMNP2qoMt102TQIvjRE27_evmaiXTTLPvkMlg
last-modified
Mon, 31 Jan 2022 05:16:45 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
175
csync
sync.console.adtarget.com.tr/ Frame 87D7 		0
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=nLOlSRbaMq53M4w4xIBSL12-MTPdsLrmOVajjKI5SHhx649eTJIE0AjE1JMbbnJiHgXEVEhUDJGvidDIhwdxjQ
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 04:16:45 GMT
Server
VertaMedia 1.0
Etag
efa7509bf4302dbe
Content-Length
0
sium
ih.adscale.de/ Frame 9F68 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.233.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Mon, 31 Jan 2022 04:16:45 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
user
ads3.admatic.com.tr/ Frame 87D7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=43f56ff5fd7a430ebe2f8754e9d71390&ssp=admatic&bsw_param=98feba6e-fa9a-4b43-8ef1-a31684266eb6&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=98feba6e-fa9a-4b43-8ef1-a31684266eb6&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=98feba6e-fa9a-4b43-8ef1-a31684266eb6&dsp_uuid=&dsp_id=
35 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=98feba6e-fa9a-4b43-8ef1-a31684266eb6&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:46 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 04:16:46 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=98feba6e-fa9a-4b43-8ef1-a31684266eb6&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
pd
u.openx.net/w/1.0/ Frame 8048 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Mon, 31 Jan 2022 04:16:48 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 46C1 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=60141
expires
Mon, 31 Jan 2022 20:59:08 GMT
date
Mon, 31 Jan 2022 04:16:47 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DC6E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jan 2022 04:16:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/57304/ Frame 2DF9
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP9b7e8cb8-824c-11ec-b84c-0259bd26e26e
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA5YjdlOGNiOC04MjRjLTExZWMtYjg0Yy0wMjU5YmQyNmUyNmU%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEI1AGike1vydGFczOBbtJU0&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEI1AGike1vydGFczOBbtJU0&google_cver=1&apid=UP9b7e8cb8-824c-11ec-b84c-0259bd26e26e
0
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEI1AGike1vydGFczOBbtJU0&google_cver=1&apid=UP9b7e8cb8-824c-11ec-b84c-0259bd26e26e
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:48 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEI1AGike1vydGFczOBbtJU0&google_cver=1&apid=UP9b7e8cb8-824c-11ec-b84c-0259bd26e26e
date
Mon, 31 Jan 2022 04:16:48 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame 2DF9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=43d1e780-f893-4604-a520-ff205777493f&_origin=1&gdpr=1&gdpr_consent=
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=43d1e780-f893-4604-a520-ff205777493f&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:47 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=43d1e780-f893-4604-a520-ff205777493f&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame 2DF9 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 04:16:48 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1643602608.915519,VS0,VE92
x-served-by
cache-hhn4041-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame DC6E 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
73aa0b3eb13e34e7e7030368de080660d9ca41b583ad4eada429df8d631f5a47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 04:16:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44719
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Mon, 31 Jan 2022 16:42:06 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 46C1 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43669803&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:16:47 GMT
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
bn01.er.bemail.it
URL
https://bn01.er.bemail.it/zeotap.php?_bid=0d52aa8b-c114-40a9-4378-3f68326fd8ef&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 string| ANDROID string| BLACKBERRY string| IPAD string| IPHONE string| IPOD string| MOBILE string| NOKIA string| SYMBIAN string| WINDOWS_PHONE string| WINDOWS string| MAC string| LINUX string| OTHER object| MOBILE_ARRAY object| DESKTOP_ARRAY function| getDeviceType function| isDesktopDevice function| is_mobile undefined| $ function| jQuery object| wpp_params object| WordPressPopularPosts object| special_ops object| propertag function| gtag object| dataLayer object| GlobalSnowplowNamespace function| snowplow object| _comscore object| _atrk_opts function| fbq function| _fbq function| admiral object| googletag function| __tcfapi function| __uspapi boolean| haveWeGotAds object| WGTCADS number| postBottom function| udm_ object| ns_p object| COMSCORE boolean| payload_loaded object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent30 object| $sidebar object| $topStickySideAnchor object| $topStickySideContainer object| $topStickySideUnits object| $stickySideAnchor object| $stickySideContainer object| $stickySideUnits function| addStickySidebar function| atrk boolean| _atrk_fired boolean| _add_1 boolean| _end_1 boolean| _finish_1 function| EvEmitter function| imagesLoaded object| infiniteScroll function| getArticle function| getArticlePage function| wgtcLoadGallery number| square_loaded number| top_loaded number| fullscreen number| delay string| hash boolean| gallery_square_ad_ready boolean| gallery_banner_ad_ready boolean| hover_loaded function| load_gallery_square_ad function| load_gallery_banner_ad function| unload_gallery_ads object| FB object| wp function| popup undefined| newsletterCookieValue string| string object| myPopup object| Modernizr string| ggv2id function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| __cfBeacon object| webVitals number| topLimit object| carouselSlider function| 4dm1r11545242527 object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| properSpecialOps object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device string| SYNC_ENDPOINT string| NON_MEASURABLE number| accountId object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| AMP string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga string| proper_ad_page_uuid function| proper_c90956e0_01ce093f_1 function| proper_c58f4de2_cd58d9d5_2 function| proper_4d4deff9_632f52a1_3 number| proper_rps string| proper_ad_session_uuid function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| sekindoFlowingPlayerOn string| placementId string| x object| apstag object| link1 object| link2 function| google_sa_impl object| googleToken object| googleIMState object| gaplugins object| gaGlobal object| gaData object| response boolean| apstagLOADED object| ID5 object| ats object| admrlWpJsonP object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| N2ZkNTNkMjU2YWNmOTVmMWxvYWRlcl9qcw== string| N2ZkNTNkMjU2YWNmOTVmMWNhY2hlZF9qcw== object| googlefc string| __fcexpdef object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| default_ContributorIabTcfV2ClientJs function| __g78fHfh446__

102 Cookies

Domain/Path Name / Value
.scorecardresearch.com/ Name: UID
Value: 129188709c4bfa91c1095861643602603
.wegotthiscovered.com/ Name: __asc
Value: a95e5de117eae596d74c0f89357
.wegotthiscovered.com/ Name: __auc
Value: a95e5de117eae596d74c0f89357
wegotthiscovered.com/ Name: newsletter-popup
Value: 2
wegotthiscovered.com/ Name: usprivacy
Value: 1---
.wegotthiscovered.com/ Name: _fbp
Value: fb.1.1643602603557.718828742
wegotthiscovered.com/ Name: _sp_ses.1618
Value: *
wegotthiscovered.com/ Name: _sp_id.1618
Value: 08c65bd7-969e-4506-b0e0-1359cc5c0514.1643602604.1.1643602604.1643602604.0b143b85-a1cf-4809-9228-c7787b2aa4bb
wegotthiscovered.com/ Name: _lr_retry_request
Value: true
wegotthiscovered.com/ Name: _lr_env_src_ats
Value: false
.yahoo.com/ Name: A3
Value: d=AQABBKti92ECELfXODymICIRywxElpVZwNIFEgEBAQG0-GEBYgAAAAAA_eMAAA&S=AQAAAlf_CHxz6pFImR-HoGPCKVc
.adnxs.com/ Name: uuid2
Value: 1404262804935752776
.3lift.com/ Name: tluid
Value: 2332745991239148496250
.casalemedia.com/ Name: CMID
Value: YfdiqxOUss2MGpDOxESJyAAA
.casalemedia.com/ Name: CMPS
Value: 3274
.wegotthiscovered.com/ Name: _sp_cookie
Value: badb8345-8ae8-45fb-82ff-97fab14e9d3c
.casalemedia.com/ Name: CMPRO
Value: 1139
.wegotthiscovered.com/ Name: _ga
Value: GA1.2.1303867104.1643602604
.wegotthiscovered.com/ Name: _gid
Value: GA1.2.722690745.1643602604
.wegotthiscovered.com/ Name: _gat_gtag_UA_17178859_1
Value: 1
.bidswitch.net/ Name: tuuid
Value: 98feba6e-fa9a-4b43-8ef1-a31684266eb6
.bidswitch.net/ Name: c
Value: 1643602603
.spotxchange.com/ Name: audience
Value: 992fb69a-824c-11ec-9148-10a0cca80006
.wegotthiscovered.com/ Name: _awl
Value: 2.1643602604.0.5-cd3bbd2576536b12e4b3539b27d07235-6763652d6575726f70652d7765737431-0
ads.us.e-planning.net/ Name: CT
Value: 1
.creativecdn.com/ Name: u
Value: cjYWb9F5crrn6YLC1eJ5
.creativecdn.com/ Name: ts
Value: 1643602604
.e-planning.net/ Name: E
Value: AMSnymj41j5pYSlt
.bidswitch.net/ Name: tuuid_lu
Value: 1643602604
.zeotap.com/ Name: zc
Value: 0d52aa8b-c114-40a9-4378-3f68326fd8ef
.zeotap.com/ Name: zsc
Value: %C8%9B%7DP%FA%0C%81%AE%06%06%C6%B5b+%AF_%5C%0C%10%2B%1D%92%F1f%A6%85%18n%10%08Y%2A%9D%1E%A1%B7%D0%F8h%FCJ%F1k%CBb%F1%03%E6%25%DE%1D%BA%0Cj%1F%EB%C7%8A%60%91%EB%7B%19Y%1C%87%C1%0CQP%03%80%0EEX%B4%A9%3C8%0E%B8%1B%29%02%CB%00%9E%5B%B8%C1%3D%B1%D9%14%D5%98k%E6x%90R%C6%E6KtL%A3%5E%00%9F%B3%C6%3A%14%08V%03y%1Cc%F82%D1%88%F9%DC%E2%A5+%11%13%DA%2Be%1F%89%B6%CB%21%AC%D0%B4%B3V%F6%1B%E8%91%3F%40n%FD%A0%C8%FD%AE%F4%98%D71%875%D1%C3%2A%C6%EBW
.casalemedia.com/ Name: CMST
Value: Yfdiq2H3YqwA
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s8654|Yfdir
wegotthiscovered.com/ Name: sharedid
Value: %7B%22id%22%3A%2201FTQ5JW75WWA3765XSAKDW3ZE%22%2C%22ts%22%3A1643602604261%2C%22ns%22%3Atrue%7D
wegotthiscovered.com/ Name: sharedid_last
Value: Mon%2C%2031%20Jan%202022%2004%3A16%3A44%20GMT
.adscale.de/ Name: uu
Value: a29fef31fb034b0ebb50a3ecac259eed
wegotthiscovered.com/ Name: _lr_geo_location
Value: DE
.richaudience.com/ Name: avcid-zeo-uid
Value: 0d52aa8b-c114-40a9-4378-3f68326fd8ef
.tapad.com/ Name: TapAd_TS
Value: 1643602604328
.tapad.com/ Name: TapAd_DID
Value: 1ddb5243-cc4b-474c-ab99-1b8c4c56598c
.proper.io/ Name: verizon_media
Value: y-ZdOZOVFE2uEIKL7XQmQnmb3xZMP34Ohl~A
.proper.io/ Name: mediagrid
Value: 98feba6e-fa9a-4b43-8ef1-a31684266eb6
.adfarm1.adition.com/ Name: UserID1
Value: 7059219431804303511
.adsrvr.org/ Name: TDID
Value: 43d1e780-f893-4604-a520-ff205777493f
.demdex.net/ Name: demdex
Value: 43224408320907221813653725664438693181
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.dpm.demdex.net/ Name: dpm
Value: 43224408320907221813653725664438693181
.doubleclick.net/ Name: IDE
Value: AHWqTUlBz0RwgMwukDtTl2O-CpuBVC2hB5qATNVx0QR050_qlPVnuhIKE8ru7Cj1dWs
.rubiconproject.com/ Name: khaos
Value: KZ26JY41-V-LO5W
.rubiconproject.com/ Name: audit
Value: 1|vAET2ryzqEHR7CWA2RT89T5APvdogVCbaTd6KyMQnat7y9GyzaExIcS2lh4iqKM9XjkCC4AsLbECXyszFxzKB3KY++jymV4/YbfssjpCfxIVmQh/dHns3Q==
.wegotthiscovered.com/ Name: _admrla
Value: 2.0-cd3bbd25-7653-6b12-e4b3-539b27d07235
.agkn.com/ Name: ab
Value: 0001%3AHMklRYUObFyIsH9w2KaNtQYxp7ObwVLa
.theadex.com/ Name: axd
Value: 4284553828582308097
.theadex.com/ Name: tis_2wL
Value: 2wLeAvYv
.weborama.fr/ Name: AFFICHE_W
Value: 18B3SEvboPHX31
.krxd.net/ Name: _kuid_
Value: OokKdoM4
.tidaltv.com/ Name: tidal_ttid
Value: 9f8349d5-d8cd-4274-a802-1ef3c226383a
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjA0sTK0MAIApIGSggkAAAA="
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 5a9089010ef95d7e43f056632fda53d1
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME20NLCwNDA0SE2zNE0xTzUxTjMwNTMzNkpLSTQ1TjFkAILE70lrQDQUAABN4Qrs"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI%2FJ60BkhBAQAd5wJn"
.quantserve.com/ Name: d
Value: EHQBDQGqJbjvsQA
.quantserve.com/ Name: mc
Value: 61f762ac-b1099-cfd53-082a7
.proper.io/ Name: __cf_bm
Value: GxxqKL62ZDd2DVsRY8HSw6I5v0egpAqB5d6qhIZFb4U-1643602603-0-AexQpHnmR7LrF%2FlLKxsaf%2BeR4FbdFlwWjmhYsr7yIY%2BVQZjWAVl8Ht2onIV4CwRslR2iXmfzbwzal%2FUd1JhSvGSh9ZrZZX2JGSzeEJtU8%2F5K
beacon.lynx.cognitivlabs.com/ Name: UID
Value: a2305f4b-2b6e-4475-a6a8-6d08380d48d3
beacon.lynx.cognitivlabs.com/ Name: ss
Value: CNqkus6uQ8QrbyOzOJVPP2HEX4sdE%2BqoYDqkfRd%2FcYAgur0VQCeHiZ%2FuTuLzgrYEKj%2FvkW8yu9unlu6hGPctcw%3D%3D
.mathtag.com/ Name: uuid
Value: d5ad61f7-62ac-4700-aeaf-9b91d12a736f
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfdirAACmS-prwBB
.ibillboard.com/ Name: ibbid
Value: BBID-01-03183166047919736-16513560
.casalemedia.com/ Name: CMRUM3
Value: 2d61f762ac2760CAESEMLrjFdiCjrYPgblsjas0b0&2e61f762ac05a0&2761f762ac0b40&0861f762ac2760a2305f4b-2b6e-4475-a6a8-6d08380d48d3&5161f762ac05a0&f161f762ac05a0&e661f762ac2760&4161f762ac05a0
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1693832102025013925
.criteo.com/ Name: uid
Value: 616c3d3a-fff4-435c-8d1b-c7b0ee43c563
.mathtag.com/ Name: mt_mop
Value: 9:1643602604
.adscale.de/ Name: cct
Value: 1643602605126
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: 5cd954eb54859a62355d68180fae9f1a594237dad0b93ebb7a83a9787ee34388
.wegotthiscovered.com/ Name: properSessionData
Value: eyJ1dWlkIjoiOTE4OTg3ZmMtMmY5My00ZDBhLThjZWItZDk0YjgwNjMzN2ViIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJhOSI6MSwiZW14IjoxLCJpbmRleCI6MSwib3BlbngiOjEsInNvdnJuIjoxLCJjcml0ZW8iOjEsIm1hbnRpcyI6MSwic29ub2JpIjoxLCJydWJpY29uIjoxLCJhcHBuZXh1cyI6MSwicHVibWF0aWMiOjEsImFkeW91bGlrZSI6MSwianVzdHByZW1pdW0iOjEsInNoYXJldGhyb3VnaCI6MSwidGhpcnR5dGhyZWVhY3Jvc3MiOjEsInNvdnJuX3MycyI6MSwiZ3VtZ3VtX3MycyI6MSwibWVkaWFncmlkX3MycyI6MSwidmVyaXpvbl9tZWRpYV9zMnMiOjF9LCJsYXN0X3RocmVzaG9sZCI6MH0=
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1643602605480
.m6r.eu/ Name: id
Value: 2995162ffdc4ff231fcff14d228a2774
.ih.adscale.de/ Name: tu
Value: 4#2137085785#48~2995162ffdc4ff231fcff14d228a2774~456556~0~0#101~BBID-01-03183166047919736-16513560~456556~0~0#38~CAESEFvHlS98sMvUIbcB0z9x4SU~456556~0~0#39~d5ad61f7-62ac-4700-aeaf-9b91d12a736f~456556~0~0#40~616c3d3a-fff4-435c-8d1b-c7b0ee43c563~456556~0~0#42~1693832102025013925~456556~0~0#75~1404262804935752776~456556~0~0#63~YfdiqxOUss2MGpDOxESJyAAA&1139~456556~0~0
.fwmrm.net/ Name: _uid
Value: "o290e_7059219436095958318"
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a544989
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a550070
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a307080
Value: cjYWb9F5crrn6YLC1eJ5
.console.adtarget.com.tr/ Name: a307442
Value: AMSnymj41j5pYSlt
.console.adtarget.com.tr/ Name: a550214
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a306708
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a307565
Value: a29fef31fb034b0ebb50a3ecac259eed
.console.adtarget.com.tr/ Name: vmuid
Value: efa7509bf4302dbe
.console.adtarget.com.tr/ Name: a314221
Value: nLOlSRbaMq53M4w4xIBSL12-MTPdsLrmOVajjKI5SHhx649eTJIE0AjE1JMbbnJiHgXEVEhUDJGvidDIhwdxjQ
.admixer.net/ Name: am-uid
Value: 43f56ff5fd7a430ebe2f8754e9d71390
.ads4.admatic.com.tr/ Name: ARRAffinity
Value: 2224a9165ba6f90e02c0d81d8afdbf21698e6a3306ead5d9ddfe58a9ff528330
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjOm8is556yOhAFOAFaBmFkYXB0dmAC
.advertising.com/ Name: APID
Value: UP9b7e8cb8-824c-11ec-b84c-0259bd26e26e
.analytics.yahoo.com/ Name: IDSYNC
Value: "190z~22ys:187s~22ys"
.yahoo.com/ Name: APID
Value: UP9b7e8cb8-824c-11ec-b84c-0259bd26e26e
.yahoo.com/ Name: APIDTS
Value: 1643602608

7 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2332745991239148496250
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=0d52aa8b-c114-40a9-4378-3f68326fd8ef&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0d52aa8b-c114-40a9-4378-3f68326fd8ef&reqId=01c8215a-1877-4384-750a-a250f5d2d31c&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.us.e-planning.net
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bidder.criteo.com
bids.proper.io
bn01.er.bemail.it
btlr.sharethrough.com
c.amazon-adsystem.com
casale-match.dotomi.com
cdn.admatic.com.tr
cdn.ampproject.org
cdn.id5-sync.com
cdnjs.cloudflare.com
ce.lijit.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
creativecdn.com
csync.loopme.me
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb.proper.io
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.privacymanager.io
global.proper.io
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.e-planning.net
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
inv-nets.admixer.net
js.adscale.de
js.cookieless-data.com
live.primis.tech
loadeu.exelator.com
mantodea.mantisadnetwork.com
match.adsrvr.org
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
p.skimresources.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
primis-d.openx.net
propermedia-d.openx.net
r.skimresources.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.skimresources.com
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
spc.wegotthiscovered.com
spl.zeotap.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.cloudflareinsights.com
stats.g.doubleclick.net
superficialeyes.com
sync-tm.everesttech.net
sync.console.adtarget.com.tr
sync.intentiq.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.tidaltv.com
t.skimresources.com
tags.bluekai.com
tags.crwdcntrl.net
terrifictooth.com
tlx.3lift.com
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
unpkg.com
ups.analytics.yahoo.com
usermatch.krxd.net
usync.proper.io
video.primis.tech
wegotthiscovered.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
bn01.er.bemail.it
hbopenbid.pubmatic.com
104.89.42.102
104.92.74.8
108.157.4.127
108.157.4.92
13.224.197.4
13.225.80.81
13.225.80.9
13.225.80.90
141.95.3.10
142.250.184.226
142.250.186.162
151.101.2.49
151.139.128.11
162.55.236.224
178.250.2.131
178.250.2.151
18.157.252.145
18.158.20.100
18.159.145.91
18.184.69.62
18.196.233.14
18.217.60.34
18.64.79.126
18.66.248.93
184.31.84.150
185.167.96.10
185.184.8.65
185.255.84.150
185.29.134.244
185.33.221.186
185.93.1.242
185.94.180.123
185.94.180.126
188.132.147.227
198.47.127.19
2.18.233.180
2.18.233.201
2.18.234.21
2.19.35.65
204.62.13.72
205.234.175.175
209.54.176.128
212.129.3.113
212.82.100.182
216.52.2.30
216.52.2.39
23.227.139.243
23.88.75.187
2600:1f16:e61:3f00:3e0:6686:45e9:a16e
2600:9000:20eb:3200:8:48e:53c0:93a1
2600:9000:20eb:4400:f:4f64:8940:93a1
2600:9000:20eb:c400:6:44e3:f8c0:93a1
2602:803:c001::200:144
2606:4700:10::6816:354c
2606:4700:10::ac43:db6
2606:4700::6810:125e
2606:4700::6810:5e41
2606:4700::6810:7daf
2606:4700::6811:4f22
2620:116:800b:21:ea23:7677:128a:8c9c
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2008
2a00:1450:400c:c08::9d
2a02:fa8:8806:20::2010
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42::300
2a05:d018:24:b001:c5b2:6467:3d71:6a2f
2a05:d018:d29:3602:5ce0:1e2e:863d:4da1
2a0c:5c81:5139::2
3.126.56.137
3.213.248.174
3.216.55.148
3.33.220.150
34.120.133.55
34.120.157.206
34.149.20.76
34.254.143.3
34.255.158.76
35.156.230.193
35.158.184.159
35.164.52.163
35.174.217.176
35.190.39.246
35.190.59.101
35.190.91.160
35.201.67.47
35.201.81.244
35.201.96.133
35.211.178.172
35.227.248.159
35.227.252.103
35.244.159.8
35.244.174.68
37.157.4.24
37.252.172.249
37.252.173.215
44.225.168.153
44.239.145.70
46.105.202.126
46.249.52.249
5.178.65.252
51.89.9.251
52.19.22.209
52.211.48.215
52.50.61.155
52.95.115.196
54.175.36.162
54.76.155.32
62.209.227.211
63.250.56.119
66.155.71.25
69.166.1.14
69.173.144.165
72.251.244.141
76.223.111.18
8.39.36.141
8.39.36.142
85.114.159.118
89.163.159.103
001083666ce523cc9fb81fe98cec61abdc8d9d254f21ad73b2004092c3074e2a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05f6ec43a18a29b286afa7210544347956706d0035fa829256e1b52386e8d0eb
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0884b6d1c70f2e1f952116f68dbffaa92e035bd4f427274b6ad3a0bc6fcf9a37
09643085894b7da6f7c6369f3adc5c3061d7c859d1726f21c6e8aab54fa56597
09f6a0aa596a214258b9de31c9abe531ed8d0d529d8050f189c369c27755c4ee
0a9714a5dca7839f2be60d5b669471d6f9a218143591abfee04c3450d2e391dc
0aa87ccf3a1419b793e70ac232b54165a20b868b04b90d91a61184f9c6e25d1c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e652a9b099ea15849ac82f3fc8a982375eaad197ffade13599b59a9ea76a8ef
0f4fdf9f78a6678207ffa7eabc4f2a2eac3cd756b3aa69c6ad75b4dc81ce1d36
0fed0a9895c267bfad9f04e60541aa5b2fc8263b2041d9a941e90120d02bb550
107e8e208fe6196f15cc6fa732dca44a2a0cbe65062f3310a34ecfb362ffb600
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12cb781ca6a1d562d34e4f7ff12047131a46c638db59b7541fedb1c1a70c9495
137231356bfa88b77d4b0fa5bcff25a7ee47b571d6c5d907be4c20c1762114ed
1372e4964d1b62eee0aede17a2a8b6b9977044efe56dcbd669f51c43bf8a65e5
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
154c0138b534d04bd2d03c99bed790c5d1963d220b4e87c468e08996b42f89b9
17bff9a76501cb050bb373f400ea5af25a80e074ecff1b773498f6c116d0b621
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
19b2765901525d7caf08438303985a63e6953e049b7c9c68e6621418e15455c6
19df086d05dbfd2b75f0b8d4b7e7fee55bece71aae1b6f7127780625925310d3
1a82e10cb46c0b0fa8fb9811ba0115d2f197d714fd3b7c8831b8aa7c56101135
1c2e4cd06909b76e8e9ee20109f9caccc0b162c52a28b3ee928f3c4e1f3102a2
1ce89e710be9b5567f89e1c8ed91b8511f17a04cee607a64644f4daed772dccf
1e4a992da2b7d1d16784aa34d4c482fdb23ec4dcfd2454dbbdb2431bdbb2ad81
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
24090898d9613ed1401241b5749947f6a82f7aae10173c6003c54e8cfc8021a5
2503edb516664f1526dea7dbfafcb4e76f213638ac90f837aab9f0dba955f98a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2729f05deecd91bf2a635fe74524b5700ad387e237e618047826d0ebc7e3e13f
290da37ac84b04e9c396bcc44a3fd3451f9f120cdde81bc865d59dce99a91f12
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2c350eeeab7ab463771799736b4db2531a27fb4c410e5b534275cb8eea533e7d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eff9682459cdf09edbdc26d40a2ebe4ebe9a89398676952d0b06c1630452789
3129a320e114560a9f71fc38c12418741705cb0b4b09072932f307af94f74589
31e2070366b499db4a7c279958feb6a3cc9022ffa2cbc25aa42f295fa31b6219
32fbca293b53d31ba986ea99322894d33c675d97a1ced7bf98a52e77bd21b0f3
33277ffb1c537988994e15918695f168d9b7ee59d5866f132731d3f5dfa35068
3381a2338c226fa98684959645df87ade3f057d360e8f2ca62e29523c3befacd
3512b656ffddeba0274cac35d1c9b867d3d35dff5073416cfa670c962ca8e0ac
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
353edca7c518cbd38e7e6f889e7c4db8a15d235f18754aa217d149c911f1f5ad
360e772a6f529a59f42413cc339962db56217c638ff4b82be8e570a27b307bc7
36888c04868ad973127198ca39debe974bd10d13871eeb44dd7931319d58c88b
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37af83b7b3447b5e7b839c6406cbb743d9258ce5a11e65ad03381efd9cad1a71
38b9a3cbfbbd68ccd300e39fdd7dd48075591d83d02ebc0bb02d6eb6fbade5e6
38cbcc988d3d66998187112841e049d6875d913aba2b5b49b4a762eb051baf50
3912cdb48b4025ef2dead764c55b64e2e6c64c5c2e678407c9f091578fb10330
39a83e327691344ca448f4fd93943fd453d69f8198bbce66952db75122bb6b3c
3cbfa45685b4ad91c14f3256742155082ef47dc59fb6838faff5329877c5ad9d
3d6c896afc276f6161881259e316f57752f770e95dcfa1252866a6959735746d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec0c534276734038633f26e02e18a9517ffe8a3d73f7bec41e44c31848af549
3f0fea18b0934e70b8e4a952a8266eef806b22679cb6537c006b1bef734aef4f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
45088d5307a8c526cf8bce9aae2967d79aa21b9f987ee896ed1a93f5a8b9e04f
456841e521b201d7c7277fdfb34e9bdf1165f88358c161a3c0dfe3dae08d1343
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48bd0e42f707c2ce131de014bf337a3d41b15440520ab32876f7f68b0583572e
4bcaaa5f6dfdbf78bf3bd8e03337e69a21c93be7553c38d8661071e93233d1e5
4c0d2508cf999f223d24f7e1f10429fbf81cca22055da0f0a9fac3505c68e62c
4c5b55ff805d5e4c854c5ab9a9bfe23335fa48df78b79e45334d792507d674d2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f18bae9ff9028823a99a8d790571206784ab612e567a40e6f8a3e6ed39dca26
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
4fdd1311b00d3e615004db15d63b4ef846dc3299f77cf981f8065ad4647a3409
507c27740d49f6b21e854adb09f4f2b4e482ce1e2d043e3d71d25a652543465d
5082b2b8ffc1cdcf842772a52381784567db8aa9c9ef1454f699135cfc7a7689
5119c3bf4eeafb96ff6d3d2ed98d6adb464a834c22e435fb2255948b16b1d964
51308cfc2cee270e6819ae124d2eb4eec815637c9ac20f0b4a44b20ff0c41689
54386238bbc5ed215eddc6624514a4bfdd0f23e0a744c5623bf7fb7f2078043c
544655deb2ee0c64031ce29769c557f467a81dc635a70f19f348869a224fd8a3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57043d78f8cf5526b5a55e16d57f740ad4ea862ca2f597906019160b9c40e911
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5aecd2ce89702ca4f7f04c04e45dc63195c2aa23ba78c169d37885cb98388b87
5af981cdf669921489ca2e7ee8d7e170460a1e009537f67f502d56275c96a563
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e310e717fe37fcee6d5c142b0c57b4bc95daa4c26889958a07e7d8c18f0e8c8
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5e9e8ae4b52da14c2647bcd0d9697ccb862c5e8cf6f617bbecb1153beb33e950
5fb143acb6c2530794155476810cebbd511a5b51399ae7ed92f77e6bf7d2cf55
5fb4cb554efd808c5f0ab1a06394d70e8ee1f47934ebc82bfe6cb946abd27456
60a277fe84d5a860a3a23d46a61fc6521bc83717fe00bd726a90a6bf73d4418d
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
637b0fc8580800ffac2259a961102847d2efe969192aac4fcc0bb6cc4591dab1
64dd95525173dc5246e7de8a90b5ef0b70fc81dfa28f95128655e9bbf06ef8c5
661abd0d64a9b9e2aae3d1ffaef4c2ba19f82ec5149d783ce4da4edd6bc17813
66a81e30fc3c535336c7a219f1920c457ed3cab72d006d831968daa35596655e
676e6403bb08590846ec14e2d39a692d5a1899bf610ca9ef85a43db914dc8000
67caa0cc0d6a05abbbf89a054bd76852d080a5168ba02cc7d9e9a0e75afde05d
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
68d5899d1f2d79c7679d41d0a8e6e45ee0d1c79dbffa5b8b650b70c61382642e
6976beaefb000a67baa5c22d2602b8f53e3173b7485d74b57c06cc16a5e4f0d8
69f089641908c420c8e09b3871ccf52e7b47dacee6c1d31a81ae06ffd61063b2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5277c17a1e9876fc139a9f3a50bfb5320b5583f802a7ca7c9609244af57ce8
6c76479768857b5db034bf4673213a475a39fa49b80aa09b21d024291dac1253
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
6e9fafd10b9c075cbd480ddbc7e48b43c24fb0d857277a5af1e967fefdca1c8f
6f14bbac9d758a951d5b9568e4fbdedf930a947c23a8040febd105d68b7d927e
70b0cac4fcd4ca1dd8fb367d82883c88d6cba544ced1651a0aa498457da7e11d
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
7300fe0ead66e0e8d4d1d91136ef7fb6aa157b614e1f9293f807dcca5e837ee2
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7353393b2cd3fa7cd790141db2cfc7dc5a061dbe36918570de79b6348c65ec33
7363fd822cbce9970c3e0d1cf6e91261aaec7d82f32dddfb589dd4a5081da2cd
73aa0b3eb13e34e7e7030368de080660d9ca41b583ad4eada429df8d631f5a47
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74647fa1512f4be36775eef767cdae9c315f38f8fcbb494c9bcae35fc7119298
755bf48c476bdef2c99e2704005a0093fb304cb001ce23cbedc55439b91b6719
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
7952a34f886e3cef6c4522009e3abebb3b7f8254955848f6ef064a915fa9ed23
7977930e6270b12a76394b3377b52b334fa5d83a67ee8d57199387851a5424f0
7c169df76bce2965c8937af0a40df533c98564c446b282abc59e82987cdfdb95
7c57c4d05d08dad65bc6935b48f240ba3b7a31897805b4def998917a8dcb6ad7
7c5a777ae5f019ccfc137e41a5ba673f03c52e28538ff33ecd31be1e8741709e
7d409d40452e89d9d370724999a883b2c61e2a38756d16399f5a42b17ffebe74
7e82a81369f38985c7143378d5d5f883341d230023b2d03e4bb00b385f2f11d4
7eb80ad3c4fc582851ca1e36d356a1b4d0f523a6651223c5846e32b3226a212d
7f5ce3bd9f954122a5e017bbc4f28a36e2fcc3a22d2d04da316a366f55e3e7cc
8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e
803ea1c3e7df23acae6897a2f854114ebf8a0600d3763aa4b5ec8f509d5643e9
81479160d751cc15348df1854bd41d2ab88276f163a08ebee2dfaaa73ea514fd
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
81de3d022372c7585957289df3e7b3c5aab73f0208876318a0f2e4c51499da96
831eaf6f1c288f766382de0ff923046ec00f3e7346af39b1849c0630203215ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8482aa6ef251f1c25551c351123772eb46dc4f2d4c1f547ff7c124b862743f35
86e2a0829ac9ef49b49738ed5e75f79624362ccc389f6b831cccd2d043a69fb6
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a571975593e5f494e4c94a8b7e19a1b48541aeddd4f5ce030c990ebc19413a5
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd295e68be50a02352f50a968b8d76e6ce5b2754171c6e1ae231e34d6e6e023
8d640e6b6737bda6046e35303e215fea6cacb71cd0e7f835368125f5bc39f15f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9003eb7e3040cdb9591230348da3f8342778da4f6ba8b2ce9deafa8970caba4a
90bbd4f73d0f5110efc6b9162aa0e51273682ba2489e27b2bc1b4e755cb56e1c
90f9f9aefce9207a3e9dbb3930ba4afe97f1738fcb84b7ead91e7df7c232fb7c
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b
962f7ad45a486add1b34cd01f38dc3027d3bf127817064becebaaf0b45fba676
9896789a730bbb8d056a1b50c6ff07da76264464257d811234637f35dca051c6
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9c79cd27e75133bac4fb4134f774bab87c719f66d06217ce484d874a36e8659b
9cab7a2588ee09da94299ab1b8c38adacec9e8622e21c01c98e134d7910fa0b8
9e96d2f779f33260944376e53b6c7f8d6e4fd6527850595f0c7fc9ef72a306ee
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e74eff346730ca76477c6ced890e0c4b15922551b615e72a05ecbc06623d4e
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a33a7428c34b67eb5cb61c7c25b5aac0334d6f4643c3a108324de49ff86f8407
a3aa18d5764d310366b8dfa20ced37a00b61a776f1ace733cf21ad63dd848e87
a4f27ebb0f237a1ae53cfeffa54619fb1c003abd679afb6660ce76e28cbedcad
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a57e1516e53f21a9c1dd939cde9c84285ad575d8038696085503aac6f578353f
a63e5cadd935b4e0f99d4e3813d01b5c71f7348fa8ada43d7e46ac9caa57939a
a6882cb265ba2e2b0ae64e04d8501ffaf944d1c9f3cca54e59d6cf9e22cdc61c
a695a19b81a7ca98d82d7dfdd05916c268f1961c106944a22689f806e9d78f02
a6b7528807c7a8ce7de177d0d17de8f904f6f8e40a716cf10ffb91b87e2ae7f2
a92ec1aa4020e811b3b4ed570edce2d9c600a8e6a5f167a78d0076069dcbb12f
aa397bf938b1903df90d04571c2c064fcb16e5afdabbde248835f6127b988578
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae1dcff32bb920705348f39e8261e0bd0f6cb1c07671a75ed25c89ac8109d204
aec673289b026009eb7fe75ca390e58cdf89eff767181aa647e9762c0e00a73b
b0cd2222a5c595e25f933bd997ee06638c753b69a27ab47ea8aa5fe45d19309f
b11c2d7fe116f71f28c56ae965e0ab4fc036380604a76d024366138576e3cecb
b1387edfc1a4b95062ab9021e064eb6244f3888cc60afaf51bcde1a58d5a49a3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e39b87923eca28344a90203e9db7aa7c85c095852667c9639825ca9351abb8
b35bf395eacb6c9729106a9e6a6e12856c8bab8f9109a4fae0f7704b60a22b42
b6cda1555fc224a9cb1026e350d5a5c47950f9d48eebfff889f8e9a1b5ffa0ce
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd7019a61423675e52bdba2f2e2da34cbdf002da173954e0189af0a4ae013e6f
be47358b1a306df59474d60448124d67568362be0da52e80f3837aa10f8ce47f
be68b41604ef80c35c72104ef2ac793a9f22d4c7a01d53dedbc4325b07ed7a01
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2636950e24a16cabde437cfe063116861f1c980d083fd02be2721f1be9bd3bf
c2d41ab3ac71c57abaed45b576fc5ccb5c7bfce6a284dc9b6d0eb873b8fe4cf3
c2d9bb230f9dab25bc5d06f6a5aaa57e8ae3fc18c4cbc50b87b7a3d13c6c0555
c3f05412b273a3c32bf550bf721db6302d8c8c8692d25b847f278ef67693195d
c429a69da80634af457e92b53bab4e8482055e1705fbbafc35f024009b673aff
c51fffe2be6f1a72b6d297c12af42ddea28f64b60d1d75a7fe774114dd6942a3
c5499c83c0095bbaf4f4b0a48afc5f3805b11df0ec0136e2a64daca5d4f87b15
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c66ea455615b3b75729d2622ab3d98e7d7fc7e47a98af4767873bc48ff15153a
c987618d391c9f3e81850a874a05a8a766d1a583dbbe3d222174ca491b2df3af
c98f0b403cf0113301ac3b16bb00610053a877379f6fc4d8350db87974c395e5
c9cf58280bd643f12e44ec9372a562ce40ced9666a83db84ae1af3380485dd61
cc025d3b1a95148a510f480bd33a1ea0c91b4d9bf78485e89cd73a3dc421fe98
cc0acbbf5a82c65c6944bf7f07319ce12fc7a9c402d6a54998279be7a96107f4
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
cfbcaccdde25484081657fb53245eb8a92a626ee25308c9d27fd0c184a533bf4
d0d9b838b22691e322eda75698f155543522b91efb5a876591478a57f6cf656a
d1df14a1aa5492265fc073290d8b83eb236f984d1b5dc87d4f1909dd2ac82389
d2349a025739e069d57656f3b805dbdb5b48e79b45a5d24ac8b9ad2428041098
d329b37f313cef241a9917e721f9503ee793f22d9651a3685929151a09470d7c
d385b1d4c86e8bf918eec196450c1bd47856cf7959ba87c4a53b5d96a01069aa
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
d3f3a9669a1c26eadf39025a3dc28dbf8699eeb1792778c5e9413a6cde98ffae
d4746af6c8a8f2286cacff181a6c3212ed18b1f760dd5970e2222b8a03142bbc
d57273e78fb1aa3130311be9bbd6929b8c8d2e622ff1289ad4bd6ef046922fad
d709873b2dd3058fdb02f9325eb522bd13420e9aa57fa9d1c99723ce6947e517
d7f23b706c2051cd14bbfdc75b158a623e575846b2a34cf308709793fb72f5e8
d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db12238e10df0181b6a1a1d65f4b889a70fecfdaea11d7d166781fa0f15bfbab
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd537f45624df3c3158f86ad88df9cc91464bfd9bd498779c6f0237f7cfe8fda
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec984ba9dc2f2e8a6d2396f70bd2a10fbf3bdb47664da38de1ca4a35c13351f
df18357d420a5824439135820319ef53e2d1dcca38d316e288b9def87b3dda3b
e022f878642a64d4118c3dd87040bfa69b6061f03ae5b413a0474e9dedc38e41
e0b2afc6253c260074a5d28e3829df1190c2dd29935e2da120684db28d1fe99f
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c0a69d6de03571afb770c25f2216665c272ff731e3699ca3a2caf80d730f93
e4bd9ef2e8f81379e29602da18a83097a149c396b0d13e87217e2692613ba7a1
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
e669216314f013618bf978b08fea09f43de509466e7d0f0c683afbe32b3687d5
e711293b95a657aa56a2f13594008395a42c3eef9845ab19d791e2e2324749f7
e7e8818dddf0efd01962338d5a7d7cf3c8c3709b639f95a0a1467bd7c5ce0a7f
e7fe30b7718dc0a682cf3431e839e7533d981890cfcc3e9b571b139ed431523b
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
eaf31e07efb5e2d3d422ec46e533bc72be0827e6205b72af0204f488b470bec8
eb43b5025933b9759ba4b26c6426ebabc359676317b7df620acdd6ac03aff1fe
ebdc14b23fbb6b3ac00fc338250afcc480b42537917c0a7706e84a30e01aa9e0
ecb6dac496818e5be7cd90e371c56c47f61030000872520d6cadc7f345cd5e6f
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338
f1fc528926e95c19b118679b383b6bbde887936ea0f27f67c037049bb26bf498
f2913c658584e6b3d551f601541dbc179c2429053006e5dd9d68821ca158814d
f33e426fb1bd1864754df8a2d9ae1776d139e65ab6e7365887961c11bb774569
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927
f7556d4af8aa3b9449d17bbaa37847dddad5c8018efd29f241562c010307076e
f83525f16ff835fe5758be6f531ecd5e4efdce465f5935de044f1625a8d0d7b3
f98c2ddb1e87658e321407ee62de37aef765555e0704a14e969dddd92d3537f3
fca521e86e9f656e62beeca53056a6e38e00ba7a988e22feebb3e084b91ab164
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fce57176c3fc529904284c4bca3e583b9409219fcf863e9891f32659aaa378dc
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
ff396c67ce1d6ec51856128ac4db11395082f8f070a3e8e495d9bdcfe120a0e9
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869