urlscan.io logo urlscan.io
SecurityTrails logo

portal.tds.net Open in urlscan Pro
64.8.70.222  Public Scan

Go To Rescan Add Verdict Report
URL: https://portal.tds.net/
Submission Tags: falconsandbox
Submission: On June 02 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 12 countries across 98 domains to perform 586 HTTP transactions. The main IP is 64.8.70.222, located in United States and belongs to LEVEL3, US. The main domain is portal.tds.net.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 27th 2020. Valid for: a year.
This is the only time portal.tds.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 64.8.70.222 3356 (LEVEL3)
127 152.199.22.185 15133 (EDGECAST)
1 60 199.232.137.44 54113 (FASTLY)
1 69.168.104.86 36271 (SYNACOR-C...)
15 142.250.185.162 15169 (GOOGLE)
6 152.199.22.191 15133 (EDGECAST)
2 64.8.70.81 3356 (LEVEL3)
1 5 52.222.158.71 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 193.122.131.28 31898 (ORACLE-BM...)
3 151.101.13.44 54113 (FASTLY)
1 2604:2dc0:100... 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 52.222.168.121 16509 (AMAZON-02)
1 2 2.19.35.65 16625 (AKAMAI-AS)
10 2600:9000:218... 16509 (AMAZON-02)
1 52.222.158.59 16509 (AMAZON-02)
1 52.222.158.96 16509 (AMAZON-02)
2 150.136.156.92 31898 (ORACLE-BM...)
4 69.173.144.141 26667 (RUBICONPR...)
1 2.21.111.28 16625 (AKAMAI-AS)
1 178.250.0.165 44788 (ASN-CRITE...)
6 12 185.33.223.178 29990 (ASN-APPNEX)
1 35.158.25.241 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
7 206.189.254.17 14061 (DIGITALOC...)
1 7 52.94.223.37 16509 (AMAZON-02)
3 64.8.70.58 3356 (LEVEL3)
1 1 52.222.158.109 16509 (AMAZON-02)
5 22 2.18.234.21 16625 (AKAMAI-AS)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
6 2.18.233.180 16625 (AKAMAI-AS)
2 2 2001:678:cb4:... 56396 (TURN)
7 150.136.25.38 31898 (ORACLE-BM...)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
20 26 142.250.186.162 15169 (GOOGLE)
9 12 76.223.111.131 16509 (AMAZON-02)
1 3 54.239.17.112 16509 (AMAZON-02)
2 3 159.253.128.188 36351 (SOFTLAYER)
1 1 52.48.65.146 16509 (AMAZON-02)
3 6 52.30.140.199 16509 (AMAZON-02)
3 185.64.189.115 62713 (AS-PUBMATIC)
3 4 37.157.4.39 198622 (ADFORM)
2 2 213.155.156.164 1299 (TELIANET ...)
7 185.64.190.80 62713 (AS-PUBMATIC)
1 2 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 19 185.64.189.110 62713 (AS-PUBMATIC)
3 3 52.49.238.187 16509 (AMAZON-02)
2 185.86.138.114 201081 (SMARTADSE...)
1 1 162.55.6.212 24940 (HETZNER-AS)
5 5 185.29.132.69 30419 (MEDIAMATH...)
2 185.64.190.81 62713 (AS-PUBMATIC)
3 3 51.210.112.236 16276 (OVH)
1 5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 3.126.56.137 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
8 8 35.157.13.124 16509 (AMAZON-02)
4 4 34.240.2.137 16509 (AMAZON-02)
4 4 151.101.14.49 54113 (FASTLY)
1 1 178.62.202.251 14061 (DIGITALOC...)
4 4 66.155.71.25 13768 (COGECO-PEER1)
8 2600:9000:218... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 5 35.244.159.8 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
2 2 18.156.12.32 16509 (AMAZON-02)
2 8 141.226.228.48 200478 (TABOOLA-AS)
1 5 69.173.144.165 26667 (RUBICONPR...)
2 2 88.212.252.22 7979 (SERVERS-COM)
1 52.21.23.66 14618 (AMAZON-AES)
3 5 198.148.27.139 19189 (PULSEPOINT)
2 3 72.251.249.14 29791 (VOXEL-DOT...)
2 18.195.155.181 16509 (AMAZON-02)
8 9 54.36.109.166 16276 (OVH)
2 2 18.197.249.149 16509 (AMAZON-02)
2 2 18.195.105.17 16509 (AMAZON-02)
4 5 35.227.248.159 15169 (GOOGLE)
3 4 52.211.113.33 16509 (AMAZON-02)
1 1 172.105.213.147 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 35.205.207.25 15169 (GOOGLE)
4 142.250.186.130 15169 (GOOGLE)
4 141.226.124.196 200478 (TABOOLA-AS)
2 141.226.124.215 200478 (TABOOLA-AS)
2 141.226.124.200 200478 (TABOOLA-AS)
2 141.226.124.206 200478 (TABOOLA-AS)
2 141.226.124.194 200478 (TABOOLA-AS)
2 141.226.124.231 200478 (TABOOLA-AS)
2 141.226.124.205 200478 (TABOOLA-AS)
2 2a04:4e42:62:... 54113 (FASTLY)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 2.18.232.130 16625 (AKAMAI-AS)
1 1 134.209.131.220 14061 (DIGITALOC...)
1 205.185.216.42 20446 (HIGHWINDS3)
1 104.17.120.107 13335 (CLOUDFLAR...)
4 4 213.19.147.44 26120 (RHYTHMONE)
2 2 213.19.147.45 26120 (RHYTHMONE)
1 1 188.165.137.78 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 173.231.181.122 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
2 3 18.198.126.47 16509 (AMAZON-02)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 34.254.122.11 16509 (AMAZON-02)
2 2a02:2638::3 44788 (ASN-CRITE...)
4 104.111.230.142 16625 (AKAMAI-AS)
1 178.162.133.148 60781 (LEASEWEB-...)
1 7 178.162.133.149 60781 (LEASEWEB-...)
2 4 35.156.153.71 16509 (AMAZON-02)
2 2 3.123.143.157 16509 (AMAZON-02)
1 1 54.209.16.83 14618 (AMAZON-AES)
1 38.27.122.158 174 (COGENT-174)
1 1 52.71.70.131 14618 (AMAZON-AES)
1 23.45.99.241 16625 (AKAMAI-AS)
1 34.98.67.61 15169 (GOOGLE)
1 1 3.120.52.200 16509 (AMAZON-02)
1 1 18.194.175.178 16509 (AMAZON-02)
3 4 54.237.174.15 14618 (AMAZON-AES)
1 2 54.229.143.145 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
1 52.222.149.23 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
4 5 69.173.144.139 26667 (RUBICONPR...)
1 1 69.173.151.90 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2 51.178.20.139 16276 (OVH)
2 141.226.224.32 200478 (TABOOLA-AS)
1 2a04:4e42:1b:... 54113 (FASTLY)
4 142.250.185.226 15169 (GOOGLE)
1 52.215.94.165 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
3 52.29.156.139 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 54.76.52.164 16509 (AMAZON-02)
586 112
7    64.8.70.222 (United States)

ASN3356 (LEVEL3, US)
portal.tds.net
127    152.199.22.185 (United States)

ASN15133 (EDGECAST, US)
tesseract.media.syn-cdn.com
engage.media.syn-cdn.com
vam-image.media.syn-cdn.com
reflex-engage.media.syn-cdn.com
vam-streaming.media.syn-cdn.com
60    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
1    69.168.104.86 (United States)

ASN36271 (SYNACOR-CLUSTER, US)
sadlib.static-app.synacor.com
15    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
6    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
smartwrapper.technoratimedia.com
ad-cdn.technoratimedia.com
2    64.8.70.81 (United States)

ASN3356 (LEVEL3, US)
PTR: static.garnet.synacor.com
static.garnet.synacor.com
5    52.222.158.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-71.cdg52.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
23    193.122.131.28 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
scs.syn-api.com
location.syn-api.com
weather.syn-api.com
am4.syn-api.com
3    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
c2.taboola.com
match.taboola.com
1    2604:2dc0:100:282f:: (United States)

ASN16276 (OVH, FR)
api.cloudquote.net
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    52.222.168.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-168-121.cdg52.r.cloudfront.net
c.amazon-adsystem.com
2    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
10    2600:9000:218f:f800:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
1    52.222.158.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-59.cdg52.r.cloudfront.net
ats.rlcdn.com
1    52.222.158.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-96.cdg52.r.cloudfront.net
geo.privacymanager.io
2    150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
tds.technoratimedia.com
4    69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
12    185.33.223.178 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    35.158.25.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    206.189.254.17 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
7    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    64.8.70.58 (United States)

ASN3356 (LEVEL3, US)
appserv.garnet.synacor.com
1    52.222.158.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-109.cdg52.r.cloudfront.net
s.ad.smaato.net
22    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
js-sec.indexww.com
as-sec.casalemedia.com
2    2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
6    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
7    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
uat-net.technoratimedia.com
adtag.technoratimedia.com
19    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
10    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
26    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
26    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
12    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
3    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
um.simpli.fi
1    52.48.65.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-65-146.eu-west-1.compute.amazonaws.com
d.adroll.com
6    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.164 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
19    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    52.49.238.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
5    185.29.132.69 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: ns3175227.ip-51-210-112.eu
pixel.onaudience.com
5    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
8    35.157.13.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-13-124.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    34.240.2.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.avct.cloud
ads.avocet.io
4    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
8    2600:9000:218f:6600:10:43f:4340:93a1 (United States)

ASN16509 (AMAZON-02, US)
gw.geoedge.be
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
us-u.openx.net
u.openx.net
26    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    18.156.12.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    88.212.252.22 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    52.21.23.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
jadserve.postrelease.com
5    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
ap.lijit.com
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
e1.emxdgt.com
cs.emxdgt.com
9    54.36.109.166 (France)

ASN16276 (OVH, FR)
id5-sync.com
2    18.197.249.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
2    18.195.105.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-105-17.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
5    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
4    52.211.113.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-113-33.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    172.105.213.147 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1867-147.members.linode.com
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    35.205.207.25 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
ads.avads.net
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
4    141.226.124.196 (Israel)

ASN200478 (TABOOLA-AS, IL)
t1.taboola.com
t3.taboola.com
2    141.226.124.215 (Israel)

ASN200478 (TABOOLA-AS, IL)
t2.taboola.com
2    141.226.124.200 (Israel)

ASN200478 (TABOOLA-AS, IL)
t4.taboola.com
2    141.226.124.206 (Israel)

ASN200478 (TABOOLA-AS, IL)
t5.taboola.com
2    141.226.124.194 (Israel)

ASN200478 (TABOOLA-AS, IL)
t6.taboola.com
2    141.226.124.231 (Israel)

ASN200478 (TABOOLA-AS, IL)
t7.taboola.com
2    141.226.124.205 (Israel)

ASN200478 (TABOOLA-AS, IL)
t8.taboola.com
2    2a04:4e42:62::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.serverbid.com
1    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
4    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.targeting.unrulymedia.com
1    188.165.137.78 (France)

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu
green.erne.co
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Hjørring, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
3    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
loadm.exelator.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    34.254.122.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    178.162.133.148 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1.go.sonobi.com
go.sonobi.com
7    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
4    35.156.153.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
2    3.123.143.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    54.209.16.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    38.27.122.158 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    52.71.70.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
1    3.120.52.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    18.194.175.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
4    54.237.174.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i.liadm.com
2    54.229.143.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ml314.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    52.222.149.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-23.cdg52.r.cloudfront.net
tags.crwdcntrl.net
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.151.90 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
2    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
ade.googlesyndication.com
1    52.215.94.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
vid.springserve.com
1    2600:9000:2156:a000:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
3    52.29.156.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prebid-server.rubiconproject.com
1    2600:1f18:612b:4264:633b:993:9fb0:9786 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
b1m42-2hald.ads.tremorhub.com
1    2600:1f18:612b:4200:9878:bccc:ffb4:c803 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
fzbtq.ads.tremorhub.com
1    54.76.52.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
vid-io-dub.springserve.com
Apex Domain
Subdomains		 Transfer
127 syn-cdn.com
tesseract.media.syn-cdn.com
engage.media.syn-cdn.com
vam-image.media.syn-cdn.com
reflex-engage.media.syn-cdn.com
vam-streaming.media.syn-cdn.com
3 MB
91 taboola.com
cdn.taboola.com
c2.taboola.com
trc.taboola.com
images.taboola.com
sync.taboola.com
match.taboola.com
sync-t1.taboola.com
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
pips.taboola.com
cds.taboola.com
794 KB
52 googlesyndication.com
pagead2.googlesyndication.com
eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
559 KB
50 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
283 KB
40 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
73 KB
26 2mdn.net
s0.2mdn.net
452 KB
24 rubiconproject.com
ads.rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
prebid-server.rubiconproject.com
60 KB
23 syn-api.com
scs.syn-api.com
location.syn-api.com
weather.syn-api.com
am4.syn-api.com
33 KB
21 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
as-sec.casalemedia.com
24 KB
18 geoedge.be
rumcdn.geoedge.be
gw.geoedge.be
629 KB
15 technoratimedia.com
smartwrapper.technoratimedia.com
tds.technoratimedia.com
uat-net.technoratimedia.com
ad-cdn.technoratimedia.com
adtag.technoratimedia.com
157 KB
14 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
44 KB
13 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
29 KB
12 adsrvr.org
match.adsrvr.org
5 KB
9 id5-sync.com
id5-sync.com
14 KB
9 googletagservices.com
www.googletagservices.com
323 KB
8 sonobi.com
go.sonobi.com
sync.go.sonobi.com
8 KB
8 bidswitch.net
x.bidswitch.net
3 KB
8 serverbid.com
e.serverbid.com
sync.serverbid.com
531 B
8 google.com
www.google.com
adservice.google.com
1 KB
7 crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
tags.crwdcntrl.net
9 KB
7 tds.net
portal.tds.net
9 KB
6 synacor.com
sadlib.static-app.synacor.com
static.garnet.synacor.com
appserv.garnet.synacor.com
133 KB
5 tapad.com
pixel.tapad.com
2 KB
5 contextweb.com
bh.contextweb.com
3 KB
5 openx.net
us-u.openx.net
u.openx.net
1 KB
5 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
3 KB
5 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
2 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 scorecardresearch.com
sb.scorecardresearch.com
5 KB
4 liadm.com
i.liadm.com
2 KB
4 advertising.com
pixel.advertising.com
897 B
4 1rx.io
sync.1rx.io
2 KB
4 demdex.net
dpm.demdex.net
3 KB
4 sitescout.com
pixel-sync.sitescout.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 adform.net
c1.adform.net
2 KB
3 springserve.com
vid.springserve.com
vpaid.springserve.com
vid-io-dub.springserve.com
102 KB
3 exelator.com
loadm.exelator.com
4 KB
3 lijit.com
ce.lijit.com
ap.lijit.com
2 KB
3 avct.cloud
ads.avct.cloud
1 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 simpli.fi
um.simpli.fi
1 KB
3 emxdgt.com
hb.emxdgt.com
e1.emxdgt.com
cs.emxdgt.com
217 B
3 criteo.com
bidder.criteo.com
dis.criteo.com
1 KB
3 rlcdn.com
ats.rlcdn.com
idsync.rlcdn.com
61 KB
2 tremorhub.com
b1m42-2hald.ads.tremorhub.com
fzbtq.ads.tremorhub.com
848 B
2 dyntrk.com
gu.dyntrk.com
1 KB
2 ml314.com
ml314.com
789 B
2 agkn.com
aa.agkn.com
d.agkn.com
996 B
2 w55c.net
pm.w55c.net
2 KB
2 criteo.net
static.criteo.net
53 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
1020 B
2 indexww.com
js-sec.indexww.com
2 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 360yield.com
ice.360yield.com
1009 B
2 betweendigital.com
ads.betweendigital.com
955 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 quantserve.com
pixel.quantserve.com
1 KB
2 smartadserver.com
rtb-csync.smartadserver.com
374 B
2 de17a.com
d5p.de17a.com
637 B
2 turn.com
ad.turn.com
936 B
2 dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
103 B
2 google-analytics.com
www.google-analytics.com
19 KB
1 jsdelivr.net
cdn.jsdelivr.net
53 KB
1 rfihub.com
p.rfihub.com
756 B
1 mookie1.com
odr.mookie1.com
607 B
1 bluekai.com
tags.bluekai.com
757 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 bnmla.com
match.bnmla.com
114 B
1 stackadapt.com
sync.srv.stackadapt.com
645 B
1 gumgum.com
rtb.gumgum.com
337 B
1 playground.xyz
ads.playground.xyz
485 B
1 deepintent.com
match.deepintent.com
44 B
1 adgrx.com
cm.adgrx.com
408 B
1 ad4m.at
ad4m.at
1009 B
1 erne.co
green.erne.co
325 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
5 KB
1 avads.net
ads.avads.net
449 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
362 B
1 avocet.io
ads.avocet.io
226 B
1 postrelease.com
jadserve.postrelease.com
538 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 loopme.me
csync.loopme.me
212 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 adroll.com
d.adroll.com
112 B
1 google.ch
adservice.google.ch
799 B
1 smaato.net
s.ad.smaato.net
563 B
1 privacymanager.io
geo.privacymanager.io
602 B
1 google.de
www.google.de
107 B
1 cloudquote.net
api.cloudquote.net
3 KB
1 googletagmanager.com
www.googletagmanager.com
35 KB
586 98
Domain Requested by
101 engage.media.syn-cdn.com tesseract.media.syn-cdn.com
engage.media.syn-cdn.com
portal.tds.net
26 s0.2mdn.net rumcdn.geoedge.be
s0.2mdn.net
26 cm.g.doubleclick.net 20 redirects googleads.g.doubleclick.net
portal.tds.net
eus.rubiconproject.com
26 tpc.googlesyndication.com rumcdn.geoedge.be
25 images.taboola.com portal.tds.net
21 cdn.taboola.com cdn.taboola.com
portal.tds.net
rumcdn.geoedge.be
19 simage2.pubmatic.com 1 redirects ads.pubmatic.com
portal.tds.net
19 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tesseract.media.syn-cdn.com
rumcdn.geoedge.be
tpc.googlesyndication.com
eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
18 scs.syn-api.com tesseract.media.syn-cdn.com
15 securepubads.g.doubleclick.net securepubads.g.doubleclick.net
rumcdn.geoedge.be
14 trc.taboola.com 1 redirects cdn.taboola.com
portal.tds.net
12 match.adsrvr.org 9 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
12 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
11 ib.adnxs.com 5 redirects sadlib.static-app.synacor.com
googleads.g.doubleclick.net
acdn.adnxs.com
engage.media.syn-cdn.com
10 rumcdn.geoedge.be sadlib.static-app.synacor.com
rumcdn.geoedge.be
portal.tds.net
10 vam-image.media.syn-cdn.com portal.tds.net
10 tesseract.media.syn-cdn.com tesseract.media.syn-cdn.com
rumcdn.geoedge.be
9 id5-sync.com 8 redirects portal.tds.net
9 www.googletagservices.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
8 gw.geoedge.be rumcdn.geoedge.be
8 x.bidswitch.net 8 redirects
7 sync.go.sonobi.com 1 redirects go.sonobi.com
7 image2.pubmatic.com ads.pubmatic.com
7 aax-eu.amazon-adsystem.com 1 redirects rumcdn.geoedge.be
aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
ads.pubmatic.com
7 e.serverbid.com sadlib.static-app.synacor.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
eus.rubiconproject.com
7 www.google.com portal.tds.net
rumcdn.geoedge.be
7 portal.tds.net portal.tds.net
6 sync.taboola.com 2 redirects portal.tds.net
6 ads.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
sadlib.static-app.synacor.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6 ssum-sec.casalemedia.com 2 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
5 vam-streaming.media.syn-cdn.com cdn.jsdelivr.net
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 ad-cdn.technoratimedia.com sadlib.static-app.synacor.com
engage.media.syn-cdn.com
5 pixel.tapad.com 4 redirects ads.pubmatic.com
5 bh.contextweb.com 3 redirects portal.tds.net
go.sonobi.com
5 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
5 sync.mathtag.com 5 redirects
5 uat-net.technoratimedia.com sadlib.static-app.synacor.com
engage.media.syn-cdn.com
5 sb.scorecardresearch.com 1 redirects cdn.taboola.com
portal.tds.net
rumcdn.geoedge.be
4 ade.googlesyndication.com eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
4 i.liadm.com 3 redirects portal.tds.net
4 pixel.advertising.com 2 redirects serverbid-sync.nyc3.cdn.digitaloceanspaces.com
portal.tds.net
4 eus.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.rubiconproject.com
eus.rubiconproject.com
4 sync.1rx.io 4 redirects
4 googleads4.g.doubleclick.net portal.tds.net
4 dpm.demdex.net 3 redirects ssum-sec.casalemedia.com
4 us-u.openx.net 3 redirects googleads.g.doubleclick.net
4 googleads.g.doubleclick.net rumcdn.geoedge.be
4 pixel-sync.sitescout.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 mwzeom.zeotap.com ads.pubmatic.com
portal.tds.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 fastlane.rubiconproject.com ads.rubiconproject.com
4 c.amazon-adsystem.com sadlib.static-app.synacor.com
c.amazon-adsystem.com
3 prebid-server.rubiconproject.com engage.media.syn-cdn.com
3 loadm.exelator.com 2 redirects ads.pubmatic.com
3 ads.avct.cloud 3 redirects
3 sync.crwdcntrl.net 2 redirects portal.tds.net
3 pixel.onaudience.com 3 redirects
3 match.prod.bidr.io 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
tags.crwdcntrl.net
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
3 eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com rumcdn.geoedge.be
3 appserv.garnet.synacor.com rumcdn.geoedge.be
3 weather.syn-api.com tesseract.media.syn-cdn.com
2 adtag.technoratimedia.com engage.media.syn-cdn.com
2 cds.taboola.com cdn.taboola.com
2 gu.dyntrk.com 2 redirects
2 idsync.rlcdn.com 2 redirects
2 ml314.com 1 redirects portal.tds.net
2 pm.w55c.net 2 redirects
2 static.criteo.net sadlib.static-app.synacor.com
static.criteo.net
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 js-sec.indexww.com sadlib.static-app.synacor.com
ssum-sec.casalemedia.com
2 pips.taboola.com cdn.taboola.com
2 t8.taboola.com cdn.taboola.com
2 t7.taboola.com cdn.taboola.com
2 t6.taboola.com cdn.taboola.com
2 t5.taboola.com cdn.taboola.com
2 t4.taboola.com cdn.taboola.com
2 t3.taboola.com cdn.taboola.com
2 t2.taboola.com cdn.taboola.com
2 t1.taboola.com cdn.taboola.com
2 ads.creative-serving.com 2 redirects
2 ice.360yield.com 2 redirects
2 sync-t1.taboola.com portal.tds.net
2 ce.lijit.com 1 redirects portal.tds.net
2 ads.betweendigital.com 2 redirects
2 match.taboola.com portal.tds.net
ads.pubmatic.com
2 rtb.mfadsrvr.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 rtb-csync.smartadserver.com ads.pubmatic.com
portal.tds.net
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 ad.turn.com 2 redirects
2 tds.technoratimedia.com sadlib.static-app.synacor.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 static.garnet.synacor.com portal.tds.net
1 vid-io-dub.springserve.com engage.media.syn-cdn.com
1 fzbtq.ads.tremorhub.com engage.media.syn-cdn.com
1 as-sec.casalemedia.com engage.media.syn-cdn.com
1 b1m42-2hald.ads.tremorhub.com engage.media.syn-cdn.com
1 vpaid.springserve.com engage.media.syn-cdn.com
1 vid.springserve.com engage.media.syn-cdn.com
1 am4.syn-api.com engage.media.syn-cdn.com
1 cdn.jsdelivr.net engage.media.syn-cdn.com
1 reflex-engage.media.syn-cdn.com engage.media.syn-cdn.com
1 ads.yahoo.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 p.rfihub.com 1 redirects
1 tags.crwdcntrl.net rumcdn.geoedge.be
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 odr.mookie1.com portal.tds.net
1 tags.bluekai.com portal.tds.net
1 sync.ipredictive.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 ap.lijit.com 1 redirects
1 go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 secure-assets.rubiconproject.com 1 redirects
1 cs.emxdgt.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 rtb.gumgum.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 biddr.brealtime.com sadlib.static-app.synacor.com
1 serverbid-sync.nyc3.cdn.digitaloceanspaces.com sadlib.static-app.synacor.com
1 sync.serverbid.com 1 redirects
1 acdn.adnxs.com sadlib.static-app.synacor.com
1 simage4.pubmatic.com ads.pubmatic.com
1 ads.avads.net 1 redirects
1 bttrack.com portal.tds.net
1 s.c.appier.net 1 redirects
1 ads.avocet.io 1 redirects
1 e1.emxdgt.com portal.tds.net
1 jadserve.postrelease.com portal.tds.net
1 u.openx.net portal.tds.net
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 spl.zeotap.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 d.adroll.com 1 redirects
1 adservice.google.com rumcdn.geoedge.be
1 adservice.google.ch rumcdn.geoedge.be
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 hbopenbid.pubmatic.com sadlib.static-app.synacor.com
1 hb.emxdgt.com sadlib.static-app.synacor.com
1 bidder.criteo.com sadlib.static-app.synacor.com
1 htlb.casalemedia.com sadlib.static-app.synacor.com
1 geo.privacymanager.io tesseract.media.syn-cdn.com
1 ats.rlcdn.com sadlib.static-app.synacor.com
1 ads.rubiconproject.com sadlib.static-app.synacor.com
1 www.google.de portal.tds.net
1 stats.g.doubleclick.net www.google-analytics.com
1 location.syn-api.com tesseract.media.syn-cdn.com
1 api.cloudquote.net tesseract.media.syn-cdn.com
1 c2.taboola.com tesseract.media.syn-cdn.com
1 www.googletagmanager.com tesseract.media.syn-cdn.com
1 smartwrapper.technoratimedia.com
1 sadlib.static-app.synacor.com
586 177
Subject Issuer Validity Valid
*.tds.net
Entrust Certification Authority - L1K		 2020-10-27 -
2021-11-06		 a year crt.sh
*.media.syn-cdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-01 -
2022-04-01		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.static-app.synacor.com
DigiCert SHA2 High Assurance Server CA		 2019-08-05 -
2021-08-25		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
web.garnet.synacor.com
DigiCert SHA2 High Assurance Server CA		 2019-08-05 -
2021-09-24		 2 years crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.syn-api.com
DigiCert SHA2 High Assurance Server CA		 2019-08-05 -
2021-09-24		 2 years crt.sh
*.cloudquote.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-20 -
2022-05-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
rumcdn.geoedge.be
Amazon		 2020-10-02 -
2021-11-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.privacymanager.io
Amazon		 2020-10-24 -
2021-11-23		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
e.serverbid.com
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.google.ch
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.geoedge.be
Amazon		 2021-01-18 -
2022-02-16		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-30		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.liadm.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
*.ml314.com
Amazon		 2021-01-17 -
2022-02-14		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-27 -
2021-07-14		 2 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-18 -
2022-03-26		 10 months crt.sh
*.springserve.com
Amazon		 2021-04-23 -
2022-05-22		 a year crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh

This page contains 65 frames:

Primary Page: https://portal.tds.net/
Frame ID: 61A620428C450A3777BEA8CA47EAF886
Requests: 146 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_cnv_n-amobee&dcc=t
Frame ID: 77933697470328A4588912FECA98312F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1
Frame ID: 365DFBF26F907D95E4C656FCD48ABBFC
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: CA9871A57FEF45096E1CF2D5DF132C47
Requests: 10 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 727F854435F5BB1537D0E517374594EE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 3777D3D6B24FACE63D8BBB6F3939BBD0
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3074448325661272662
Frame ID: 37D060B335DFEB23B2C9FFBCC6812A53
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 65F47D62C23BDD88B355DE5D9EA13809
Requests: 21 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
Frame ID: BBFC940AB38B532E8703A848F5CEA593
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4944437266062326293
Frame ID: AF70F173B0F1AAB6527441399A8924AC
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5B66E39DB09EB55A67F7F8DE88AC51E8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969014351106078859
Frame ID: 82823A31BA132ECE439F5D452F5C9C04
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEzJ07BbdMAADDhTOupZg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: A1675936E518F72845FAFF178ADE2C67
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 8456F9C61484DFD888C4B2764DB75C1B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&ex=pubmatic.com
Frame ID: D9AE39DF703CC884423FF2FB162B3331
Requests: 1 HTTP requests in this frame

Frame: https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 66DB9E79FB7D9A25A65B10ADAF435530
Requests: 19 HTTP requests in this frame

Frame: https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 267B0FD57DF8725FD0CF2F535812F44C
Requests: 19 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Frame ID: 53AB1B5DCD5524BB63705E9E16DC9F44
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Frame ID: C657FAC3566F231B42B26AD2E008A827
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Frame ID: 4FD25D0DC91B04DB1704B790674CF8CB
Requests: 9 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Frame ID: F411F4715E914DA6EE36E9E4AB2C1BEB
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Frame ID: 6BB74AF61F3594159652C21F61F16E43
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Frame ID: D58785B7AB3C309C1EAA4973BBABAE28
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhiyrKSaATAB&v=APEucNVJ_VOrBplKvWslw0srcR3eJrC3LtRn0Ej_ikVaAxb6EwRLzZhW8p-HPbguLitZkpbNcBsKeel8wSt8pf47K9AVx6S51Q
Frame ID: 111513BB71D5F0978FB93D31C9F2931A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhj5pqSaATAB&v=APEucNX3-hqJzAIA8bZE57tdCAiZOfnmoZZWhhBK_aOdA0Mhxbs7E13j6zRHTyB1NNHSOG-2y7_ZwzzcINv-mhmeNb4yIVLmIw
Frame ID: D2AE44123E7E6D0A6DED8D8CD1922C64
Requests: 5 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4117d4db-d2d8-4a03-999e-0b64825222b8&tbid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&query=taboola_hm%3D4117d4db-d2d8-4a03-999e-0b64825222b8&isDirect=0
Frame ID: CBD4BC430EAB3E62ECBC331AA11698CC
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1CA61DBD6F0B40049BBDE9DA46AB3728
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9492030/1620201710760/index.html
Frame ID: 17C518B729B73524D17CAA756C4B5D55
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/9492030/1621516504741/index.html
Frame ID: ACCBF4110BBE312AF04C5599BA64E752
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3333A750F0C9DC308C36A0B440AC712F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B4A0930AD8601E894917CF1A811DE657
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 819F11F157638822A1C9E4BA6376E1C9
Requests: 3 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.35.0
Frame ID: B9F2AAD0688213042431DD50B2F50434
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Frame ID: 4C3FA7E67C6F98D769572AEED1A19BE2
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0F8FC77C7709E6E5F6712CBA9FCC7585
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: D1FF559635BD62BEA194B96117DBBF39
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003
Frame ID: EC77B4C1553D7FFD53D5DF44B5571031
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GfuCs1hBtbEpNrqjm0rbW6DH
Frame ID: 7CE25ED4B68934D62CCDCE567B25A3DC
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 8B1A727BD42E519F1CAC680372CC3D78
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 2F6D42D815A833B77A26549FA01C540E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=BRPvU9wsyZiC&pid=557219
Frame ID: 235EA795B2F530DFDFE8379BB40A140B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D83BDD16773D36E21DB7F0E24B5A5B6C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: DB8B6AD2210A115A15BA5AD3BC55001D
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 013A0F9AEC622550DD179AEA6E328C47
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Frame ID: 6DBB8A2EB8951243F687F7AFFFC096C4
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: C3BCB21F4E0A2783579D37B9BEDAA6C9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: BAB099CB6CC67ED6A1657F125DC627C0
Requests: 12 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: A4501A623E3F3391B2DE797572841434
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 4A490BC4C9EBA4430DBB62A657DE7C4C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1C7057A1D713C26408123FF905154544
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1PwUngWX1LOgpq5&gdpr=0&gdpr_consent=
Frame ID: 9C3C9956194AE4C02ACFEEFE57D76128
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oJbS2lJqSuhSW-r5_Mc0hluEiFw
Frame ID: 56C89C89ECE725C75BFE671C14F4B1FC
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 354FC9BF79AC80EAD5C7ECD8B31D6271
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5BE016A651534D3C90DB348A637D045E
Frame ID: FA75AC4AC81F45D401DF09CA4EFD7728
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
Frame ID: 253D7F8F9023CE7D9D630A44B25A8D69
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?geo=na&co=us
Frame ID: CBF83927D7F2DDAA2B6F3004CE83CC97
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F0E999654AD61EE4787D180E2019EDA0
Requests: 10 HTTP requests in this frame

Frame: https://engage.media.syn-cdn.com/dist/npm.core-js.bdfadd6a.bundle.js
Frame ID: 0F14B69441D6313B81EE1351385C4B5C
Requests: 66 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4C56A23CCCE9335BDA957F092E074731
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2ECCA831B38B93CDE335F81339F44173
Requests: 1 HTTP requests in this frame

Frame: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
Frame ID: 6A8053E6047AA552A0C52B14C52073E7
Requests: 21 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Frame ID: C5D7082BDD3E43F6BDB2E61F23FF3B15
Requests: 2 HTTP requests in this frame

Frame: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
Frame ID: 33F4E3EE32F09E67FCA6A669F576466D
Requests: 21 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html
Frame ID: BEB7D59029357A950FB65F32DD4D8AEF
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_080396f1.js
Frame ID: 5A0C259105F31E75B351EF6FE4230C54
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /https?:\/\/[^/]*\.rubiconproject\.com/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

586
Requests

100 %
HTTPS

20 %
IPv6

98
Domains

177
Subdomains

112
IPs

12
Countries

6851 kB
Transfer

17790 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1622600096126&ns_c=UTF-8&cv=3.5&c8=Home%20-%20Welcome%20to%20TDS&c7=https%3A%2F%2Fportal.tds.net%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622600096126&ns_c=UTF-8&cv=3.5&c8=Home%20-%20Welcome%20to%20TDS&c7=https%3A%2F%2Fportal.tds.net%2F&c9=
Request Chain 100
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_cnv_n-amobee HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_cnv_n-amobee&dcc=t
Request Chain 107
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=77f870aa5e393c927364
Request Chain 111
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3074448325661272662
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLbpoMR_9v0U88zYS2tDtAAABI8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLbpoMR_9v0U88zYS2tDtAAABI8AAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJnqJ6rjFUNUNzvZlN4SgKQ&google_cver=1
Request Chain 121
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLbpoMR-9v0U88zYS2tDtAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMcQGwjX_wSUA3H_JLERGIM&google_cver=1
Request Chain 124
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5BE016A651534D3C90DB348A637D045E
Request Chain 125
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 126
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1240362917277177338
Request Chain 127
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YLbpoMR-9v0U88zYS2tDtAAA%261167?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLbpoMR-9v0U88zYS2tDtAAA%261167?gdpr_consent=&us_privacy=&gdpr=
Request Chain 133
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
Request Chain 134
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4944437266062326293
Request Chain 136
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969014351106078859
Request Chain 137
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFekowN0JiZE1BQUREaFRPdXBaZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEzJ07BbdMAADDhTOupZg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Request Chain 138
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=psGlQtBKRdSN45kvxdnF2A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 141
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d9c660b6-e9a1-4400-a244-02b202e50d97
Request Chain 142
  • https://pixel.onaudience.com/?partner=214&mapped=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=392c1730-50b0-4dd5-9682-00e5b40a3ace&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e4a290fcd068ced9c56ed9e4d98d00e9 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=ee8940b9b43054b9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4bd0aa0-6aab-4696-5999-4b5327b64853&reqId=bdac04ca-8a51-426e-6f75-a0b997dc3224&zcluid=ee8940b9b43054b9&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEEQwHgsh4xcnceeMNCtS4Z0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4bd0aa0-6aab-4696-5999-4b5327b64853&reqId=bdac04ca-8a51-426e-6f75-a0b997dc3224&zcluid=ee8940b9b43054b9&zdid=1332
Request Chain 143
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5821613659031366264
Request Chain 144
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&gdpr=0&gdpr_consent=
Request Chain 145
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=392c1730-50b0-4dd5-9682-00e5b40a3ace
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH04k5I6e2SoY2AhLI-ElM0&google_cver=1
Request Chain 147
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1240362917277177338&gdpr=0&gdpr_consent=
Request Chain 149
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1B1KXiRE2uX4SsFCCFGNwYPItLkLhxc-~A&gdpr=0&gdpr_consent=
Request Chain 150
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT
Request Chain 151
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d59c04df-b7aa-4eae-ac1b-e4aef8869278&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9afa73fd-a392-4712-8848-229040e385e3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 152
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YLbpogABQ51yOABg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLbpogABQ51yOABg&gdpr=0&gdpr_consent=&_test=YLbpogABQ51yOABg
Request Chain 153
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3074448325661272662&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 154
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7bff0f42-662b-4682-ace7-530ade9c6701&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 156
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=ab3e1485-58df-4782-801d-bbcc1d3e9c37-60b6e9a2-4348&gdpr=0&gdpr_consent=
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKe4tw6l70mJYJjiaFH-ttk&google_cver=1
Request Chain 245
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLbpoMR-9v0U88zYS2tDtAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKe4tw6l70mJYJjiaFH-ttk&google_cver=1
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDix4Mm3-Jw3b3FynNs90Bo&google_cver=1
Request Chain 247
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI0MDM2MjkxNzI3NzE3NzMzOA%3D%3D
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPCVsT7i_CojIfyQV0d1Sek&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEPCVsT7i_CojIfyQV0d1Sek&google_cver=1
Request Chain 249
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWQwOWMwZjgtOGFiZC0yZjEzLWQzZjItMjEwMzYzMGI5MWU0
Request Chain 261
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4117d4db-d2d8-4a03-999e-0b64825222b8 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4117d4db-d2d8-4a03-999e-0b64825222b8&tbid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&query=taboola_hm%3D4117d4db-d2d8-4a03-999e-0b64825222b8&isDirect=0
Request Chain 263
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KPEU7BLY-1S-HNXP
Request Chain 264
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=90f72f49-1fa9-5199-908d-8366f03b6ac0
Request Chain 266
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=52sTSFjyQHDX&ev=1&orig=trc&pid=562107
Request Chain 267
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1240362917277177338&orig=trc
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKYB9qJsiFMCVOMrITb74Ms&google_cver=1
Request Chain 270
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
Request Chain 271
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=392c1730-50b0-4dd5-9682-00e5b40a3ace
Request Chain 272
  • https://ce.lijit.com/merge?pid=42&3pid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&us_privacy=1NNN&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&us_privacy=1NNN&gdpr=0&gdpr_consent=&dnr=1
Request Chain 276
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6615654a-c909-4404-90d9-22175b2ab961
Request Chain 277
  • https://id5-sync.com/s/464/9.gif?puid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtYA-lSnditF4FYtKucndO49PXbs1udYm2_WyOg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtYA-lSnditF4FYtKucndO49PXbs1udYm2_WyOg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=8fb74b43-0ead-400d-b209-1296ebb3243e&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/5/3.gif?puid=e4a290fcd068ced9c56ed9e4d98d00e9&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/4/4.gif?puid=c8424bc3-e228-4d7e-bae2-6b13b8e047e9&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/3/5.gif?puid=e953c59b-897f-4d59-90d6-3aa685c01814&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/146/2/6.gif?puid=d59c04df-b7aa-4eae-ac1b-e4aef8869278&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOtYA-lSnditF4FYtKucndO49PXbs1udYm2_WyOg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F160%2F1%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/160/1/7.gif?puid=71431968016794203626855896836867177312&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOtYA-lSnditF4FYtKucndO49PXbs1udYm2_WyOg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F340%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/340/0/8.gif?puid=71431968016794203626855896836867177312&gdpr=1&gdpr_consent=
Request Chain 278
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=QJxdiJLECCyW2D6bpOm2YA
Request Chain 280
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=9afa73fd-a392-4712-8848-229040e385e3&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=249bf211-ef9a-4f37-936a-2a71bb268abf&expires=2&ssp=taboola&bsw_param=9afa73fd-a392-4712-8848-229040e385e3 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=9afa73fd-a392-4712-8848-229040e385e3
Request Chain 351
  • https://sync.serverbid.com/ss/2000840.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Request Chain 355
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=308301117 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/392c1730-50b0-4dd5-9682-00e5b40a3ace HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003
Request Chain 356
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GfuCs1hBtbEpNrqjm0rbW6DH
Request Chain 359
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=BRPvU9wsyZiC&pid=557219
Request Chain 360
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 362
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 363
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Request Chain 364
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&addseg=31
Request Chain 365
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 367
  • https://loadm.exelator.com/load/?p=204&g=71&buid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTZDMUE1NDItRDA0QS00NUQ0LThERTMtOTkyRkM1RDlDNUQ4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 369
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1240362917277177338
Request Chain 370
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8a33295b-3680-406b-9965-f5cfdbf60c03
Request Chain 375
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 378
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1240362917277177338
Request Chain 379
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YLbpoMR-9v0U88zYS2tDtAAA%261167
Request Chain 380
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=d7456b1f099210010723f946
Request Chain 381
  • https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId= HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=866aabf1-c9f4-4468-a760-47f5a91e50c6
Request Chain 382
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true
Request Chain 385
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1PwUngWX1LOgpq5&gdpr=0&gdpr_consent=
Request Chain 386
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oJbS2lJqSuhSW-r5_Mc0hluEiFw
Request Chain 388
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5BE016A651534D3C90DB348A637D045E
Request Chain 390
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=56b9f0c5-c348-11eb-8b8a-6f120b61e297&gdpr=0&gdpr_consent=
Request Chain 395
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1622600101&ip=91.132.136.92&l1=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fneustar%2F1%2Fcm%3Ftaboola_hm%3D164990803805000014977 HTTP 302
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164990803805000014977
Request Chain 396
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20 HTTP 303
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&_li_chk=true&previous_uuid=7a49c131ef704c96801f662aede1aa2b HTTP 303
  • https://i.liadm.com/s/64716?bidder_id=88068&bidder_uuid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&previous_uuid=e5cfe9ffada2407fa3156ab1f70df82e HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F64716%2F0%2F676fea0974db42c997b4e68d01b754e4%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&7a49c131-ef70-4c96-801f-662aede1aa2b&bidder_id=88068&bidder_uuid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&previous_uuid=676fea0974db42c997b4e68d01b754e4 HTTP 302
  • https://i.liadm.com/s/e/64716/0/676fea0974db42c997b4e68d01b754e4?mpid=7156&muid=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
Request Chain 397
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&gdpr=0&gdpr_consent=&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3619163238529237029 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxOTE2MzIzODUyOTIzNzAyORAAGg0IptPbhQYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=1f6edd9f8f7d2642e4bee2b284171e01b62c449e60ddc92d4cfb3281eb55c520f4cb09cee1a4f8eb&person_id=3619163238529237029&eid=50082
Request Chain 399
  • https://pixel.advertising.com/ups/55973/sync?uid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55973/sync?uid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&_origin=1&verify=true
Request Chain 415
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=fd6e432f-738b-4c10-918d-a4dfc612be02&google_hm=ZmQ2ZTQzMmYtNzM4Yi00YzEwLTkxOGQtYTRkZmM2MTJiZTAy HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEH5mdRNKq6Lr48VWFzz2e6g&google_cver=1&ssp=sonobi&bsw_param=fd6e432f-738b-4c10-918d-a4dfc612be02 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=fd6e432f-738b-4c10-918d-a4dfc612be02
Request Chain 416
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e55fb5d7c2&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e55fb5d7c2&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=3072bbef-0c7d-4f52-b3ea-df4e6cf0fe99&pubid=e55fb5d7c2
Request Chain 417
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
Request Chain 418
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=45cac1a0-b7c2-4098-9a69-ea8777ce823b&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RUE4RUpaWjdsekI3cWZwMjhYMGJzUQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEBBRFlEYrdqli_3kAwSiRXs&google_cver=1
Request Chain 419
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2159827871343425741
Request Chain 420
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4080417817 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4080417817 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/150f4117-e7ed-45c6-884e-7c89ec0ed7aa HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8ed583cc-0341-4ce5-bfba-e25e9d77212e-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-8ed583cc-0341-4ce5-bfba-e25e9d77212e-003 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-8ed583cc-0341-4ce5-bfba-e25e9d77212e-003
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NDVjYWMxYTAtYjdjMi00MDk4LTlhNjktZWE4Nzc3Y2U4MjNi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=NDVjYWMxYTAtYjdjMi00MDk4LTlhNjktZWE4Nzc3Y2U4MjNi&google_tc= HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEPSlkLtcq9Zrtonkvlxks58&google_cver=1
Request Chain 425
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KPEU7GIK-1Q-CM4
Request Chain 426
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPEU7GIK-1Q-CM4&sigv=1&esig=2~1bbf4f63fc8f76c09fb3451d24f97fc20129c6a4
Request Chain 428
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
Request Chain 429
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wB8fL3AiyFqoe7_Sd7KrQg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5301250555939441799
Request Chain 430
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFlYTBhODllODQwMWJlYzA4NWUwM2ZhMWRmNTA0MTNhMzdlOGVkZg
Request Chain 431
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECDLaAZE8A3m0SzRUrsal5M&google_cver=1
Request Chain 432
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BFVTdHSUstMVEtQ000
Request Chain 433
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YLbppwABRAGwgQBg HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLbppwABRAGwgQBg&_test=YLbppwABRAGwgQBg
Request Chain 434
  • https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 436
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLbpp_wQIopIzEfzSs_3PwAABJMAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLbpp_wQIopIzEfzSs_3PwAABJMAAAIB&dcc=t
Request Chain 437
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLbpp-wQIopIzEfzSs-3PwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJpuzeCHDnK52q_Bq6-3Hos&google_cver=1
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLbpp_wQIopIzEfzSs_3PwAABJMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKYxU58RadPEtCLHAXEg4rM&google_cver=1
Request Chain 439
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348%2526expiration%253D1625192103 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348%26expiration%3D1625192103 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348%26expiration%3D1625192103 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348&expiration=1625192103
Request Chain 440
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YLbpp-wQIopIzEfzSs-3PwAA%261171?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YLbpp-wQIopIzEfzSs-3PwAA%261171
Request Chain 441
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=jWGig95ooYKWM_bW2TTtg4Iz-YWWN_XTjWDe0OvS
Request Chain 442
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030002_60b6e9a8c82fd&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60b6e9a8c82fd

586 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
portal.tds.net/ 		26 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.222 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
048f10d3ca82f7dd6f9a3e86bd87f274704211b873e87c74c932c8babdfb3dcb

Request headers

Host
portal.tds.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Wed, 02 Jun 2021 02:14:55 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
5310
Connection
keep-alive
Set-Cookie
temporalchip=OTEuMTMyLjEzNi45MjoxNjIyNjAwMDk1; path=/; domain=.tds.net eternalchip=OTEuMTMyLjEzNi45MjoxNjIyNjAwMDk1; expires=Fri, 02-Jun-2023 02:14:55 GMT; path=/; domain=.tds.net SimpleSAMLSessionID=547b16867f5c301a67bed64e23c43b69; path=/; SameSite=None; secure; httponly session=594be7a5aad169ca000121f2b7eb487b371846de-1622600095; expires=Thu, 02-Jun-2022 02:14:55 GMT; path=/; domain=.tds.net Synacor_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.tds.net Synacor_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.tds.net
Link
<https://tesseract.media.syn-cdn.com/tesseract.js>; rel=preload; as=script <https://cdn.taboola.com/libtrc/synacor-network1/loader.js>; rel=preload; as=script <//sadlib.static-app.synacor.com/client/synacor/synacor.js>; rel=preload; as=script <https://securepubads.g.doubleclick.net/tag/js/gpt.js>; rel=preload; as=script <https://smartwrapper.technoratimedia.com/client/synacor/synacor.js>; rel=preload; as=script <https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css>; rel=preload; as=style
Vary
Accept-Encoding
Content-Encoding
gzip
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
X-Varnish
540589404
Age
0
Via
1.1 varnish
Accept-Ranges
bytes
tesseract.js
tesseract.media.syn-cdn.com/ 		350 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
5c2a5060ff38cf14d3679cf92aa6804a93068a881188c009eba0bd50e8469728

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:55 GMT
content-encoding
gzip
age
143
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
87713
access-control-allow-origin
*
last-modified
Thu, 20 May 2021 18:59:58 GMT
server
nginx
etag
"57712-5c2c78cad4780"
vary
Accept-Encoding
x-varnish
177124235 177029323
via
1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 02 Jun 2021 02:17:32 GMT
loader.js
cdn.taboola.com/libtrc/synacor-network1/ 		2 MB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/synacor-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79311a4131400943713b3a12b9c9555ad1dd09ad3326c5267b37330cdee85c7e

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MPRYlttB13KqhyjDYqYUiFTEV7Wn5QqV
content-encoding
gzip
etag
"939e681b9b9cb9e31be90da858416fe6"
age
4900
x-cache
HIT
content-length
164894
x-amz-id-2
2RxbBkXwiHaRfllV0OP6bRFG/jEbvsbMXihFUW3OUg2Tcyene5rQOtEiFqTdCdqQx7pWioZ3h40=
x-served-by
cache-hhn11524-HHN
last-modified
Mon, 31 May 2021 10:59:10 GMT
server
AmazonS3
x-timer
S1622600096.524853,VS0,VE1
date
Wed, 02 Jun 2021 02:14:55 GMT
vary
Accept-Encoding
x-amz-request-id
7A4SG8RFTRMR1ATD
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
44
x-cache-hits
1
synacor.js
sadlib.static-app.synacor.com/client/synacor/ 		504 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.168.104.86 , United States, ASN36271 (SYNACOR-CLUSTER, US),
Reverse DNS
Software
nginx /
Resource Hash
79fe4e962ab0ce189b513b422f23c4fe80951a4937c0cf5ad9d10c133fa724c1

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:14:55 GMT
Content-Encoding
gzip
Age
147
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Connection
keep-alive
Content-Length
127366
Access-Control-Allow-Origin
*
Last-Modified
Thu, 06 May 2021 19:41:30 GMT
Server
nginx
ETag
"7dfde-5c1ae7f6eee80"
Vary
Accept-Encoding
X-Varnish
176939128 176440097
Via
1.1 varnish
Cache-Control
max-age=300
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Wed, 02 Jun 2021 02:17:28 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
472577b96613a6d8107988e9561ddc3eae95b37b52ee6e693d20a23a634dfa62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"890 / 461 of 1000 / last-modified: 1622585871"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21248
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:14:55 GMT
synacor.js
smartwrapper.technoratimedia.com/client/synacor/ 		253 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smartwrapper.technoratimedia.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C40) /
Resource Hash
1359a662d8fe7bd465911cae9ccdff64767752c43b84e0c82d0d0046187c0f1a

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:55 GMT
content-encoding
gzip
age
268
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
80162
access-control-allow-origin
*
last-modified
Mon, 27 Apr 2020 19:40:50 GMT
server
ECAcc (mil/6C40)
etag
"3f3c9-5a44ae4665480"
vary
Accept-Encoding
x-varnish
769469648
via
1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 02 Jun 2021 02:19:55 GMT
tdstelecom.tesseract.css
tesseract.media.syn-cdn.com/ 		729 KB
77 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
fbf507e5c031170635e0e5e09e5bbb97df82a0a47b667350bafedb02320fc5cf

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:55 GMT
content-encoding
gzip
age
153
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
78657
access-control-allow-origin
*
last-modified
Thu, 20 May 2021 18:59:58 GMT
server
nginx
etag
"b6548-5c2c78cad4780"
vary
Accept-Encoding
x-varnish
884269780 884396083
via
1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css
expires
Wed, 02 Jun 2021 02:17:22 GMT
res.php
static.garnet.synacor.com/assets/ 		1 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.garnet.synacor.com/assets/res.php?j;tdstelecom/tdstelecom-gen4;en_US;964ef768;en_US(gen4(components(cube(scripts(single-cube
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.81 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
static.garnet.synacor.com
Software
nginx /
Resource Hash
5cb7228c4470c115ab1ce3e553edf24cab6338f897ac51e28e367a06cba65938

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:14:55 GMT
Content-Encoding
gzip
Server
nginx
Age
597476
ETag
"964ef768"
Vary
Accept-Encoding
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Via
1.1 varnish
Cache-Control
public,max-age=2592000
X-Varnish
143507423 927309587
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript; charset=utf-8
Content-Length
532
Expires
Fri, 25 Jun 2021 04:16:59 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/synacor-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-71.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:06:45 GMT
via
1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
492
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-length
1469
x-amz-cf-id
NI8NEvXpoEZVvDn6lzSqSjTiVlg7PUfoFBih2a9-mGya-9sH4yah2g==
tdstelecom-config-json.89479428.chunk.js
tesseract.media.syn-cdn.com/config/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tesseract.media.syn-cdn.com/config/tdstelecom-config-json.89479428.chunk.js
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CB0) /
Resource Hash
619e5a7785957be4b09bb2859b1c7200fd15d9d7b86d2f5f7d4382947837459c

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
age
598077
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1559
access-control-allow-origin
*
last-modified
Thu, 20 May 2021 18:59:58 GMT
server
ECAcc (mil/6CB0)
etag
"13ed-5c2c78cad4780"
vary
Accept-Encoding
x-varnish
746959322 677326450
via
1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 27 May 2022 20:25:37 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-64147009-11
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b66e022ac9b572f2de543e9ef970061c4699e85380c87cbba2b6ceea11d0aafa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35939
x-xss-protection
0
last-modified
Wed, 02 Jun 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Jun 2021 02:14:56 GMT
singlecube.d2462451.chunk.js
tesseract.media.syn-cdn.com/widgets/ 		2 MB
342 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tesseract.media.syn-cdn.com/widgets/singlecube.d2462451.chunk.js
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C1D) /
Resource Hash
f05168a4b343b3cf064911e9731b5223b7ae069e646039875343d56bc50f50dc

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
age
598097
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
349737
access-control-allow-origin
*
last-modified
Thu, 20 May 2021 18:59:58 GMT
server
ECAcc (mil/6C1D)
etag
"1863eb-5c2c78cad4780"
vary
Accept-Encoding
x-varnish
165912278 84473835
via
1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 26 May 2022 22:57:58 GMT
roboto-regular_2C1yE.woff
tesseract.media.syn-cdn.com/assets/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tesseract.media.syn-cdn.com/assets/roboto-regular_2C1yE.woff
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BA5) /
Resource Hash
13fada409c0428a216aff770cc13536aa0141fbbb391135b28a1c20634d612af

Request headers

Origin
https://portal.tds.net
Referer
https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
age
6144707
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
18877
access-control-allow-origin
*
last-modified
Mon, 15 Mar 2021 17:14:50 GMT
server
ECAcc (mil/6BA5)
etag
W/"49d8-5bd96632a1680"
vary
Accept-Encoding
x-varnish
692673960 817769384
via
1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/plain; charset=UTF-8
expires
Mon, 28 Mar 2022 20:00:15 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1622600096126&ns_c=UTF-8&cv=3.5&c8=Home%20-%20Welcome%20to%20TDS&c7=https%3A%2F%2Fportal.tds.net%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622600096126&ns_c=UTF-8&cv=3.5&c8=Home%20-%20Welcome%20to%20TDS&c7=https%3A%2F%2Fportal.tds.net%2F&c9=
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622600096126&ns_c=UTF-8&cv=3.5&c8=Home%20-%20Welcome%20to%20TDS&c7=https%3A%2F%2Fportal.tds.net%2F&c9=
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-71.cdg52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
via
1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
mofW9mp0C3XvP0rP7CIFF0_rc8rzoly7A8s2v5idkfP1rUe2k0hyvA==

Redirect headers

date
Wed, 02 Jun 2021 02:14:56 GMT
via
1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622600096126&ns_c=UTF-8&cv=3.5&c8=Home%20-%20Welcome%20to%20TDS&c7=https%3A%2F%2Fportal.tds.net%2F&c9=
content-length
189
x-amz-cf-id
c0o3LGONufxws4VSA1Z5PaBuqIv4tHwkEc3lolnKgs4mjIEk_gHp1A==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64147009-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3813
date
Wed, 02 Jun 2021 01:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 02 Jun 2021 03:11:23 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=336168660&t=pageview&_s=1&dl=https%3A%2F%2Fportal.tds.net%2F&dp=%2Fhomepage&ul=en-us&de=UTF-8&dt=Home%20-%20Welcome%20to%20TDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=2074381701&gjid=1376403323&cid=1488473743.1622600096&tid=UA-64147009-11&_gid=648079189.1622600096&_r=1&gtm=2ou5q1&cd1=homepage&cd2=logged-out&cd3=portal.tds.net&cd4=Cube&z=377088044
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal.tds.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
scs.syn-api.com/feeds/id/gen4_sc_special_title/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/feeds/id/gen4_sc_special_title/
Protocol
H2
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
site
Origin
https://portal.tds.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:56 GMT
access-control-allow-headers
authorization, site
access-control-allow-methods
GET
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=3600, public
vary
Accept-Encoding, Origin
x-varnish
1048844871 1042308825
age
2254
x-timer
-0.000
via
1.1 varnish
/
scs.syn-api.com/alerts/id/gen4_breaking_news_foryou/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/alerts/id/gen4_breaking_news_foryou/
Protocol
H2
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
site
Origin
https://portal.tds.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:56 GMT
access-control-allow-headers
authorization, site
access-control-allow-methods
GET
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=3600, public
vary
Accept-Encoding, Origin
x-varnish
1048552604 1042763593
age
3465
x-timer
-0.000
via
1.1 varnish
/
scs.syn-api.com/dccs/id/gen4_dcc_foryou/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/dccs/id/gen4_dcc_foryou/
Protocol
H2
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
site
Origin
https://portal.tds.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:56 GMT
access-control-allow-headers
authorization, site
access-control-allow-methods
GET
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=3600, public
vary
Accept-Encoding, Origin
x-varnish
1046142656 1047595702
age
2199
x-timer
-0.000
via
1.1 varnish
impl.20210531-8-RELEASE.js
cdn.taboola.com/libtrc/ 		493 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/synacor-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b92f05aef3c172d5c32bed5cf316731f7f53961622b772bf4748838de45f4737

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JXR2p9zuqYJfg3304ler9RZ9L6OK299t
content-encoding
br
etag
"82b2b53fa1482cac80e0c9ac90541df9"
age
27004
x-cache
HIT
content-length
115699
x-amz-id-2
taCWrBBLd9yhFPoIO+zrR0vuAlveVojHnrj9f0Q64yYGhSm2fH74KmZ1+Mp5gnb1nSCHfkPWq94=
x-served-by
cache-hhn11524-HHN
last-modified
Mon, 31 May 2021 10:43:06 GMT
server
AmazonS3-br
x-timer
S1622600096.243381,VS0,VE0
date
Wed, 02 Jun 2021 02:14:56 GMT
vary
Accept-Encoding
x-amz-request-id
4PS250W0D7BPKZNK
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
71
x-cache-hits
121608
newsroom.js
c2.taboola.com/nr/synacor-tdsresidentialportal/ 		0
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/synacor-tdsresidentialportal/newsroom.js
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
via
1.1 varnish
server
AmazonS3
x-amz-request-id
GA9R67499GA2F4NE
x-served-by
cache-fra19169-FRA
x-cache
MISS
content-type
application/javascript
accept-ranges
bytes
x-timer
S1622600096.284539,VS0,VE198
x-amz-id-2
EnC4zN7dVb8HrgCMgBsAiGhLkUWbOCVb1P2kANk2ysZ2S/WEO/Kdd75JiYjb5lWLevg/pffqzN4=
x-cache-hits
0
/
scs.syn-api.com/feeds/id/gen4_sc_special_title/ 		189 B
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/feeds/id/gen4_sc_special_title/
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
fd2ab4fd8d6e1cb9dffef21dab155f61d943816c9753bdcc48e2852d1ca970f1

Request headers

Referer
https://portal.tds.net/
Accept-Language
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
site
tdstelecom-gen4

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
via
1.1 varnish
content-type
application/hal+json
server
nginx
age
22
vary
Accept,Accept-Encoding,Content-Type,Origin,Site,Authorization
x-varnish
1050519970 1049619862
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=58, public, x-grace=900
accept-ranges
bytes
x-timer
0.000
content-length
189
/
scs.syn-api.com/alerts/id/gen4_breaking_news_foryou/ 		181 B
450 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/alerts/id/gen4_breaking_news_foryou/
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e46c207bf322ace962686e5572a42e673ac75c42bb4dd6436a1523fefdd14ddb

Request headers

Referer
https://portal.tds.net/
Accept-Language
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
site
tdstelecom-gen4

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
via
1.1 varnish
content-type
application/hal+json
server
nginx
age
9
vary
Accept,Accept-Encoding,Content-Type,Origin,Site,Authorization
x-varnish
1050424981 1050387794
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=59, public, x-grace=900
accept-ranges
bytes
x-timer
0.000
content-length
181
/
scs.syn-api.com/dccs/id/gen4_dcc_foryou/ 		47 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/dccs/id/gen4_dcc_foryou/
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
2969eb1dec4f72ad4ed31b2667d95bbbb15244bd51beee91dcf5f6524fcc757d

Request headers

Referer
https://portal.tds.net/
Accept-Language
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
site
tdstelecom-gen4

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
server
nginx
age
265
vary
Accept,Accept-Encoding,Content-Type,Origin,Site,Authorization
content-type
application/hal+json
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=295, public, x-grace=1800
x-varnish
1048844881 1048682611
accept-ranges
bytes
x-timer
-0.000
content-length
5920
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_entertainment/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_entertainment/?imageSizes=w%3D640%2Ch%3D360%7Cw%3D256%2Ch%3D144&count=9
Protocol
H2
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
site
Origin
https://portal.tds.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:56 GMT
access-control-allow-headers
authorization, site
access-control-allow-methods
GET
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=3600, public
vary
Accept-Encoding, Origin
x-varnish
1047192737 1047692885
age
2173
x-timer
0.000
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_interesting_videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_interesting_videos/?imageSizes=w%3D256%2Ch%3D144&count=6
Protocol
H2
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
site
Origin
https://portal.tds.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:56 GMT
access-control-allow-headers
authorization, site
access-control-allow-methods
GET
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=3600, public
vary
Accept-Encoding, Origin
x-varnish
1050000248 1049142406
age
2258
x-timer
-0.000
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_news/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_news/?imageSizes=w%3D640%2Ch%3D360%7Cw%3D256%2Ch%3D144&count=8
Protocol
H2
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
site
Origin
https://portal.tds.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:56 GMT
access-control-allow-headers
authorization, site
access-control-allow-methods
GET
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=3600, public
vary
Accept-Encoding, Origin
x-varnish
1048844872 1046934021
age
1439
x-timer
-0.000
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_sports/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_sports/?imageSizes=w%3D640%2Ch%3D360%7Cw%3D256%2Ch%3D144&count=8
Protocol
H2
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
site
Origin
https://portal.tds.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:56 GMT
access-control-allow-headers
authorization, site
access-control-allow-methods
GET
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=3600, public
vary
Accept-Encoding, Origin
x-varnish
1050130356 1044635012
age
2204
x-timer
0.000
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_games/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_games/?imageSizes=w%3D256%2Ch%3D144&count=6
Protocol
H2
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
site
Origin
https://portal.tds.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:56 GMT
access-control-allow-headers
authorization, site
access-control-allow-methods
GET
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=3600, public
vary
Accept-Encoding, Origin
x-varnish
1050810561 1048808936
age
3211
x-timer
0.000
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_business/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_business/?imageSizes=w%3D640%2Ch%3D360%7Cw%3D256%2Ch%3D144&count=8
Protocol
H2
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
site
Origin
https://portal.tds.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:56 GMT
access-control-allow-headers
authorization, site
access-control-allow-methods
GET
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=3600, public
vary
Accept-Encoding, Origin
x-varnish
1049578703 1047451279
age
3211
x-timer
0.000
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_entertainment/ 		18 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_entertainment/?imageSizes=w%3D640%2Ch%3D360%7Cw%3D256%2Ch%3D144&count=9
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
cfd5eaef5b773914575b9003046af2136bbd89389475ebf033d62f2bc5837603

Request headers

Referer
https://portal.tds.net/
Accept-Language
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
site
tdstelecom-gen4

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
server
nginx
age
300
vary
Accept,Accept-Encoding,Content-Type,Origin,Site,Authorization
content-type
application/hal+json
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=314, public, x-grace=1800
x-varnish
1049133145 1048031639
accept-ranges
bytes
x-timer
-0.000
content-length
4478
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_interesting_videos/ 		11 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_interesting_videos/?imageSizes=w%3D256%2Ch%3D144&count=6
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
8af2cf76812b1ceeda0d2bcacaabda1b90fbde2894a84ad77fe087c70b3a1b72

Request headers

Referer
https://portal.tds.net/
Accept-Language
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
site
tdstelecom-gen4

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
server
nginx
age
90
vary
Accept,Accept-Encoding,Content-Type,Origin,Site,Authorization
content-type
application/hal+json
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=313, public, x-grace=1800
x-varnish
1050321034 1049031646
accept-ranges
bytes
x-timer
0.000
content-length
3482
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_news/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_news/?imageSizes=w%3D640%2Ch%3D360%7Cw%3D256%2Ch%3D144&count=8
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
1491e275785fdf1ed8f9a74589f5ac0683c9d03767b3d3ce5e15040e109ff22b

Request headers

Referer
https://portal.tds.net/
Accept-Language
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
site
tdstelecom-gen4

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
server
nginx
age
110
vary
Accept,Accept-Encoding,Content-Type,Origin,Site,Authorization
content-type
application/hal+json
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=308, public, x-grace=1800
x-varnish
1048844883 1048298756
accept-ranges
bytes
x-timer
-0.000
content-length
2944
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_sports/ 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_sports/?imageSizes=w%3D640%2Ch%3D360%7Cw%3D256%2Ch%3D144&count=8
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
da7faf3874ff2e696623d8c6f58ab92b35747a8fef9329c0d42da0f115c06e5b

Request headers

Referer
https://portal.tds.net/
Accept-Language
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
site
tdstelecom-gen4

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
server
nginx
age
21
vary
Accept,Accept-Encoding,Content-Type,Origin,Site,Authorization
content-type
application/hal+json
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=299, public, x-grace=1800
x-varnish
1048844880 1048779862
accept-ranges
bytes
x-timer
-0.000
content-length
2219
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_games/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_games/?imageSizes=w%3D256%2Ch%3D144&count=6
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
4aa89e05849e0a1f8d1434acb77525ca4c77d7397a714272f6f7e5c2fc2cf49d

Request headers

Referer
https://portal.tds.net/
Accept-Language
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
site
tdstelecom-gen4

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
server
nginx
age
79
vary
Accept,Accept-Encoding,Content-Type,Origin,Site,Authorization
content-type
application/hal+json
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=302, public, x-grace=1800
x-varnish
1046142661 1048907635
accept-ranges
bytes
x-timer
0.000
content-length
1504
via
1.1 varnish
/
scs.syn-api.com/articles/feed/gen4_sc_business/ 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scs.syn-api.com/articles/feed/gen4_sc_business/?imageSizes=w%3D640%2Ch%3D360%7Cw%3D256%2Ch%3D144&count=8
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
1bb2e039031f93f8c2aa0cf3228a8441298858fdfcaf1370c8cfd8822e28eafa

Request headers

Referer
https://portal.tds.net/
Accept-Language
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
site
tdstelecom-gen4

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
server
nginx
age
54
vary
Accept,Accept-Encoding,Content-Type,Origin,Site,Authorization
content-type
application/hal+json
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=294, public, x-grace=1800
x-varnish
1049133144 1048163324
accept-ranges
bytes
x-timer
0.000
content-length
2370
via
1.1 varnish
sortedSecurityList.json
api.cloudquote.net/fcon/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cloudquote.net/fcon/sortedSecurityList.json?type=STOCK&list=%2BdollarVolume&filter=MAJORCOMPANIES&limit=8
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/ Express
Resource Hash
b480f99884908c629bf6e54415aaceaa54115746800937f7068349a1a17b3377

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
etag
W/"3167-p4Pq7Ecy3JMeJKvh4nwm5KhWuEI"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
transfer-encoding
chunked
static_include.js
engage.media.syn-cdn.com/dist/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
b1def08c8ff8240bd1bff647113efc7b999d7c865e156debcdebe5f2a9aabb0a

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
age
430
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5708
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
nginx
etag
"5613-5c2b015d70900"
vary
Accept-Encoding
x-varnish
874570606 874682772
via
1.1 varnish
cache-control
public, max-age=900, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 02 Jun 2021 02:22:45 GMT
roboto-medium_1KjO1.woff
tesseract.media.syn-cdn.com/assets/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tesseract.media.syn-cdn.com/assets/roboto-medium_1KjO1.woff
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C59) /
Resource Hash
481b14d625fb8eaef2baeaa51de213db870a780b3172e0155d22430571ae89f6

Request headers

Origin
https://portal.tds.net
Referer
https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
age
27047867
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
19076
access-control-allow-origin
*
last-modified
Thu, 16 Jul 2020 18:33:48 GMT
server
ECAcc (mil/6C59)
etag
W/"4a94-5aa9347f97b00"
vary
Accept-Encoding
x-varnish
186566970 104377304
via
1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/plain; charset=UTF-8
expires
Sun, 29 May 2022 17:49:28 GMT
roboto-bold_3hkNf.woff
tesseract.media.syn-cdn.com/assets/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tesseract.media.syn-cdn.com/assets/roboto-bold_3hkNf.woff
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BAF) /
Resource Hash
6a15265b1b610ef81ae1a1e45c8b69917d2fc4d3ad5a63c00ee6a466f0a6e806

Request headers

Origin
https://portal.tds.net
Referer
https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
age
26914715
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
18933
access-control-allow-origin
*
last-modified
Thu, 16 Jul 2020 18:33:48 GMT
server
ECAcc (mil/6BAF)
etag
W/"4a00-5aa9347f97b00"
vary
Accept-Encoding
x-varnish
778899432 88829840
via
1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/plain; charset=UTF-8
expires
Sun, 20 Mar 2022 10:37:33 GMT
cube-icons_1v811.ttf
tesseract.media.syn-cdn.com/assets/ 		39 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tesseract.media.syn-cdn.com/assets/cube-icons_1v811.ttf
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C20) /
Resource Hash
fe799de0f9b625ce95cc45d892632889c4602fd5b491b2f016bf5dfd401fe576

Request headers

Origin
https://portal.tds.net
Referer
https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
age
23580742
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
24078
access-control-allow-origin
*
last-modified
Tue, 01 Sep 2020 16:45:09 GMT
server
ECAcc (mil/6C20)
etag
W/"9dd4-5ae433df40f40"
vary
Accept-Encoding
x-varnish
488451798 488191040
via
1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/plain; charset=UTF-8
expires
Thu, 02 Jun 2022 01:37:01 GMT
client_logo_light_lg.png
static.garnet.synacor.com/assets/site_config/tdstelecom-gen4/assets/en_US/gen4/shared/images/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.garnet.synacor.com/assets/site_config/tdstelecom-gen4/assets/en_US/gen4/shared/images/logos/client_logo_light_lg.png
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.81 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
static.garnet.synacor.com
Software
nginx /
Resource Hash
18da678b81b28f0173021fb9960300d0f6d27dc76e31686fcbef7c96ce1d0111

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:14:56 GMT
Via
1.1 varnish
Last-Modified
Thu, 20 May 2021 18:17:02 GMT
Server
nginx
Age
0
ETag
"588825801"
Content-Type
image/png
X-Varnish
130594341
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5215
40e42d121eb5fa83c2e4676f68a646b0598179c2
vam-image.media.syn-cdn.com/40/e4/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vam-image.media.syn-cdn.com/40/e4/40e42d121eb5fa83c2e4676f68a646b0598179c2
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA0) /
Resource Hash
da867aeb3467f32dd64672a2d5498fd10f191275f719edd6faf24e7219b24cd7

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
last-modified
Fri, 06 Mar 2020 21:56:03 GMT
server
ECAcc (mil/6CA0)
age
27017146
etag
"55a-5a036b83b3cbd"
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
max-age=365000000, immutable
accept-ranges
bytes
content-type
image/png
content-length
1370
track.gif
portal.tds.net/images/track/ 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.tds.net/images/track/track.gif?id=search-input&action=focus&cubecomponent=HomePage.DesktopHeader.SerpSwitcher.Google.SearchInput&contentarea=navigation&eventtype=focus&pagescrollyposition=0&ts=1622600096347
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.222 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.tds.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.tds.net/
Cookie
temporalchip=OTEuMTMyLjEzNi45MjoxNjIyNjAwMDk1; eternalchip=OTEuMTMyLjEzNi45MjoxNjIyNjAwMDk1; SimpleSAMLSessionID=547b16867f5c301a67bed64e23c43b69; session=594be7a5aad169ca000121f2b7eb487b371846de-1622600095; _ga=GA1.2.1488473743.1622600096; _gid=GA1.2.648079189.1622600096; _gat_gtag_UA_64147009_11=1
Connection
keep-alive
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:14:56 GMT
Via
1.1 varnish
Last-Modified
Wed, 02 Jun 2010 18:24:58 GMT
Server
nginx
Age
0
ETag
"2b-488103510f280"
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
X-Varnish
541367498
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
/
location.syn-api.com/ip/ 		564 B
562 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://location.syn-api.com/ip/?fields=verbose
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
f6371f0b03cd4c7b276daad4c2ff85c5e5145348c13d24096a6661f939110da1

Request headers

Accept-Language
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
server
nginx
age
0
etag
233727299c23532a9dac72733df43c95
vary
Accept-Encoding, Origin
content-type
application/hal+json
access-control-allow-origin
https://portal.tds.net
x-varnish
1047556463
accept-ranges
bytes
x-timer
0.001
content-length
316
via
1.1 varnish
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-64147009-11&cid=1488473743.1622600096&jid=2074381701&gjid=1376403323&_gid=648079189.1622600096&_u=4GBAAUAAAAAAAC~&z=81701211
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 02 Jun 2021 02:14:56 GMT
content-type
text/plain
access-control-allow-origin
https://portal.tds.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-64147009-11&cid=1488473743.1622600096&jid=2074381701&_u=4GBAAUAAAAAAAC~&z=2085197396
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-64147009-11&cid=1488473743.1622600096&jid=2074381701&_u=4GBAAUAAAAAAAC~&z=2085197396
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stories-vertical-ui.20210531-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		585 B
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/stories-vertical-ui.20210531-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/synacor-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
801e8224bdf2e16111e12739e43c37f474377f17d90957e9358d2dc400efe48c

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
t5Lgz2h0ENy6RAIVx.AVybVe04q1.tff
content-encoding
gzip
etag
"f810ea09ff53b5825326ba77acc3291f"
age
103
x-cache
HIT
x-amz-replication-status
PENDING
content-length
317
x-amz-id-2
WHkITZpRhYCNAx1YB+8DjtfOHE2nc/sv5LotfgwVE+Dz4QciNaVzfAXPA0IzSDZGALDpJ1f5i/c=
x-served-by
cache-hhn11524-HHN
last-modified
Tue, 01 Jun 2021 12:42:45 GMT
server
AmazonS3
x-timer
S1622600096.468131,VS0,VE0
date
Wed, 02 Jun 2021 02:14:56 GMT
vary
Accept-Encoding
x-amz-request-id
5H60BKR9K62NQ52C
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
71
x-cache-hits
239
json
trc.taboola.com/synacor-tdsresidentialportal/trc/3/ 		34 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/synacor-tdsresidentialportal/trc/3/json?tim=04%3A14%3A56.466&lti=deflated&data=%7B%22id%22%3A731%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1622458655012%2C%22vi%22%3A1622600096463%2C%22cv%22%3A%2220210531-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportal.tds.net%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22ccpa_ps%22%3A%221NNN%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1339%2C%22nsid%22%3A%22synacor-network1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b-v2%3Apub%3Dsynacor-network1%3Aabp%3D0%22%2C%22uip%22%3A%22SubDCC%20V2%22%2C%22orig_uip%22%3A%22SubDCC%20V2%22%2C%22cd%22%3A604.1875%2C%22mw%22%3A747%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-c-v2%3Apub%3Dsynacor-network1%3Aabp%3D0%22%2C%22uip%22%3A%22Right-rail%20Stream%20V2%22%2C%22orig_uip%22%3A%22Right-rail%20Stream%20V2%22%2C%22cd%22%3A821.1875%2C%22mw%22%3A400%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-hero-a-01%3Apub%3Dsynacor-network1%3Aabp%3D0%22%2C%22uip%22%3A%22Bottom%20Thumbnails%20Unit%22%2C%22orig_uip%22%3A%22Bottom%20Thumbnails%20Unit%22%2C%22cd%22%3A1061.1875%2C%22mw%22%3A1264%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5f0006a4af357ce0d17c9ec33d7792e1e26217103ba1dea51b18e2bd2024e20

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
317
date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
server
nginx
x-timer
S1622600096.477826,VS0,VE317
x-served-by
cache-hhn11524-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://portal.tds.net
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.168.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-168-121.cdg52.r.cloudfront.net
Software
Server /
Resource Hash
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 16:30:51 GMT
content-encoding
gzip
server
Server
age
35044
etag
6bda376aea84df42909484ff0d20f22a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5b23e906a0b30aeeaaccd141aadaa56d.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
7iV2kGh8hACCLQM7XX9BldZxc25jPH1q
x-amz-cf-id
kU8itwtrFiJdkYE11v1dyBFNY_uzj-oJdel1IBgQJSt0-kFXpFNkiQ==
13344.js
ads.rubiconproject.com/header/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/header/13344.js
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
f0ea30c4668ad66beed47ad433c3c74b6015ed47857255896692a3c007ce49c5

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:14:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Mar 2020 03:28:07 GMT
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
25732
Expires
Wed, 02 Jun 2021 02:14:56 GMT
grumi-ip.js
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:f800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f79251795bee966eabc621ed72551e7884ca501284ea757d496df7c0a738722

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:44:40 GMT
content-encoding
br
last-modified
Sun, 25 Apr 2021 09:59:22 GMT
server
AmazonS3
age
1817
etag
W/"41e87284f0e9d616691341c9825af95c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
_BckRx3PSS0a4021rP32kHc5zk6ZELgZ
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop
CDG52-P2
content-type
application/javascript
x-amz-cf-id
Msn2BIMQ6WzsSFnwS8G1ivat47e71D8Nw2YOvKNKG8IRvRLqvVmiDQ==
ats.js
ats.rlcdn.com/ 		184 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-59.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PU5uQG8k6fF7c8ExjUxBI8zMqnTbvUtK
content-encoding
gzip
etag
W/"535a44cb49d4769cf9ec82fbcba860c8"
last-modified
Fri, 09 Apr 2021 08:07:05 GMT
server
AmazonS3
age
6259
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
date
Wed, 02 Jun 2021 00:31:16 GMT
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
fkCcKtRdHxl6AWMYHA_AROoqdNM-pExhMeggx64n-30emCPsu8F_0w==
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/ 		311 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:14:56 GMT
grumi.js
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ 		211 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:f800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847ac095d407715f2712592f4c4becc5caf0390e073c087553578142a60239d6

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:45:18 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 01:36:57 GMT
server
AmazonS3
age
1779
etag
W/"5169f39b8d2e851ee11e1f085ee2c1c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
vA40TvpoxyVfQI2RGpAhh2tPzBWLF5.A
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
CDG52-P2
content-type
text/javascript
x-amz-cf-id
fQcaElE5ibfWZ5aMxYpU7nbN611HihJBwq4Pl94BaQwD4o5KJz3srQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.168.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-168-121.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop
CDG52-P2
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Wed, 02 Jun 2021 02:14:56 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 72b94a25bcecdbda64f33818ad380f7e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-id
5wK0q1OFAlxKq6yU5mfCX0fshr1jjWZ7H6JPhGrjVzb-G5YCL07TNA==
config
c.amazon-adsystem.com/cdn/prod/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=fa06da55-7aca-4111-be89-a65f83330498&u=https%3A%2F%2Fportal.tds.net%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.168.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-168-121.cdg52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
via
1.1 5b23e906a0b30aeeaaccd141aadaa56d.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CDG52-P2
x-cache
Miss from cloudfront
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
OEoMjt1frtrLYuJqCLL2900oYAHXasAs_IXjCkNAPnGof0fz0f4gKA==
/
geo.privacymanager.io/ 		30 B
602 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-96.cdg52.r.cloudfront.net
Software
/
Resource Hash
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 04:32:15 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront), 1.1 e0720e45d2e7ea5da3d185114a45e51e.cloudfront.net (CloudFront)
age
78161
x-amzn-requestid
e8437b1c-6820-46ee-9ea9-6a23e1651e1c
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60b5b84f-26964678224fce377f84f3cc;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C2, CDG52-P2
x-amz-apigw-id
AOm8cHLDDoEFZtQ=
content-length
30
x-amz-cf-id
_m-ByZx9AcDzALfRG2iHud_TfCHOdseb5p_8EuSM684ubSnmOjGxmQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
tds
tds.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tds.technoratimedia.com/openrtb/bids/tds?src=prebid_prebid_4.35.0
Protocol
H2
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://portal.tds.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:57 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://portal.tds.net
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
140269023
age
0
via
1.1 varnish
bid
c.amazon-adsystem.com/e/dtb/ 		138 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fportal.tds.net%2F&pid=mfymMyYCBVGAx&cb=0&ws=1600x1200&v=7.65.00&t=1200&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5284%2Fsyn.tds%2Fmasthead%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22500x375%22%5D%2C%22sn%22%3A%22%2F5284%2Fsyn.tds%2Fhome_mtf%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5284%2Fsyn.tds%2Fhome%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5284%2Fsyn.tds%2Fstream_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5284%2Fsyn.tds%2Fhome_scm%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5284%2Fsyn.tds%2Fstream_2%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5284%2Fsyn.tds%2Fhome_wij%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5284%2Fsyn.tds%2Fhome_btf%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%221x1%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5284%2Fsyn.tds%2Fadhesion%22%7D%5D&cfgv=0&pubid=fa06da55-7aca-4111-be89-a65f83330498&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.168.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-168-121.cdg52.r.cloudfront.net
Software
Server /
Resource Hash
b73cfac616096ae6716862f8564804b4cda6c10910a21a0b41a544d9077bba76
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
via
1.1 5b23e906a0b30aeeaaccd141aadaa56d.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CDG52-P2
x-amz-rid
VYXZ1CF4VEYF1EHNTJD5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://portal.tds.net
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
138
x-amz-cf-id
JN26pNYI7o31qEyVdgKEZI9JMBi3nIs3F0NLg4ySHpqHnXSQp-ujLA==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		265 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13344&size_id=15&p_pos=atf&rf=https%3A%2F%2Fportal.tds.net%2F&kw=rp.fastlane&tg_i.domain=portal.tds.net&tg_fl.eid=div-gpt-ad-home&tg_fl.uname=%2F5284%2Fsyn.tds%2Fhome&tg_fl.pr_acctid=13344&tk_flint=plain&x_source.tid=6e6fbb7c-4e60-43f1-86b8-17c189911956&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rand=0.5889577473942262
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/header/13344.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e25e7734c8214dafb1362c615194ecf121242e403a4c76fce11a403d7e9bcb00

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:56 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://portal.tds.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
265
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		265 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13344&size_id=15&p_pos=atf&rf=https%3A%2F%2Fportal.tds.net%2F&kw=rp.fastlane&tg_i.domain=portal.tds.net&tg_fl.eid=div-gpt-ad-home_scm&tg_fl.uname=%2F5284%2Fsyn.tds%2Fhome_scm&tg_fl.pr_acctid=13344&tk_flint=plain&x_source.tid=6e6fbb7c-4e60-43f1-86b8-17c189911956&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rand=0.852402703493985
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/header/13344.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0a6bd1d86894ecb5d33100171dae4920fcdf3c947d03eeb9c721e55598c1ec5a

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:56 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://portal.tds.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
265
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		265 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13344&size_id=15&p_pos=atf&rf=https%3A%2F%2Fportal.tds.net%2F&kw=rp.fastlane&tg_i.domain=portal.tds.net&tg_fl.eid=div-gpt-ad-home_wij&tg_fl.uname=%2F5284%2Fsyn.tds%2Fhome_wij&tg_fl.pr_acctid=13344&tk_flint=plain&x_source.tid=6e6fbb7c-4e60-43f1-86b8-17c189911956&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rand=0.7815759800860484
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/header/13344.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
155f892735d13a0a615c9f44794d6233c5cae035d8d539e41379d99f41fd5a32

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:56 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://portal.tds.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
265
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		265 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13344&size_id=15&p_pos=btf&rf=https%3A%2F%2Fportal.tds.net%2F&kw=rp.fastlane&tg_i.domain=portal.tds.net&tg_fl.eid=div-gpt-ad-home_btf&tg_fl.uname=%2F5284%2Fsyn.tds%2Fhome_btf&tg_fl.pr_acctid=13344&tk_flint=plain&x_source.tid=6e6fbb7c-4e60-43f1-86b8-17c189911956&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rand=0.2286316345668966
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/header/13344.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ce0f5c4fbed08ad75bed4eb58f5cbf00a15af06c5f737a6e2e503b2effcc2384

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:56 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://portal.tds.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
265
Expires
Wed, 17 Sep 1975 21:32:10 GMT
tds
tds.technoratimedia.com/openrtb/bids/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tds.technoratimedia.com/openrtb/bids/tds?src=prebid_prebid_4.35.0
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
261139654
access-control-allow-origin
https://portal.tds.net
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		25 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=530186&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2210e9371bad62ead%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fportal.tds.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%224.35.0%22%2C%22msd%22%3A3%2C%22msi%22%3A3%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211156beeadd8d3f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22530186%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212bd282082e9575%22%2C%22ext%22%3A%7B%22siteID%22%3A%22530173%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2213aded140b5d1c5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22530177%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2214fba64bd6c6ee2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22530178%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215cf7d75326c03e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22530175%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216176a524762edf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22530187%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211156beeadd8d3f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22530186%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211156beeadd8d3f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22530186%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216176a524762edf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22530187%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3c9f23a3c3e9b5e38f4b653796b8ca2415b3a92b6df0c844fcdf84d8286aaeb1

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.92], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://portal.tds.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Wed, 02 Jun 2021 02:14:56 GMT
cdb
bidder.criteo.com/ 		18 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.35.0&cb=50621764443
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://portal.tds.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		724 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2f02d818aa44f7d0bf039b2c124cfd27663809de2a54983d0722c8d036da93e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 02 Jun 2021 02:14:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.139:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
59a3eeb4-12e1-4db1-bad2-dc22fe9eb659
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://portal.tds.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=4000&ts=1622600096833&src=pbjs
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://portal.tds.net
date
Wed, 02 Jun 2021 02:14:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://portal.tds.net
date
Wed, 02 Jun 2021 02:14:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
e.serverbid.com/api/ 		16 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://portal.tds.net
date
Wed, 02 Jun 2021 02:14:56 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
/
vam-image.media.syn-cdn.com/a9/99/a9998d29c5d7a043d2b383ca7370508b245e27fe/w=256,h=144,crop=focus/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vam-image.media.syn-cdn.com/a9/99/a9998d29c5d7a043d2b383ca7370508b245e27fe/w=256,h=144,crop=focus/?app=portal&sig=c1cb61632c8147070b964f334d51b0a172183393f2a23f01206727d1d6c6b0d7
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Apache /
Resource Hash
ec3ef79da9ff564b9c6f62855c2e0c1cd7f9f3accc8203a15a90c46efa3101a8

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 02 Jun 2021 02:14:57 GMT
cache-control
max-age=365000000, immutable
server
Apache
content-type
image/jpeg
content-length
8481
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
/
vam-image.media.syn-cdn.com/5a/5a/5a5a2d7d87f893c18c64ce3f513158ea42f85646/w=256,h=144,crop=focus/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vam-image.media.syn-cdn.com/5a/5a/5a5a2d7d87f893c18c64ce3f513158ea42f85646/w=256,h=144,crop=focus/?app=portal&sig=c1cb61632c8147070b964f334d51b0a172183393f2a23f01206727d1d6c6b0d7
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C18) /
Resource Hash
bc2b1f42a74fd925f6db1c1a03c1cce7f12f495bde303c636b41f0f9daed4b3b

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
last-modified
Mon, 31 May 2021 20:47:07 GMT
server
ECAcc (mil/6C18)
age
106069
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
max-age=365000000, immutable
accept-ranges
bytes
content-type
image/jpeg
content-length
8043
/
weather.syn-api.com/forecast/daily/location/47.39,8.45/days/5/ 		6 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://weather.syn-api.com/forecast/daily/location/47.39,8.45/days/5/
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
473e701f9255656c8d31fdb95ec8e34faf87c7d017bb0fdc20486c43668a1de2

Request headers

Accept-Language
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
content-encoding
gzip
server
nginx
age
0
etag
87a66c8c67891f6e25850ec4f0386fec
vary
Accept-Encoding, Origin, Accept-Language
content-language
en
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=296, public, x-grace=1800
x-varnish
1050000267
accept-ranges
bytes
content-type
application/hal+json
content-length
1225
via
1.1 varnish
x-timer
0.078
/
weather.syn-api.com/current/location/47.39,8.45/ 		463 B
569 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://weather.syn-api.com/current/location/47.39,8.45/
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
ec00d34315df16e1cec421ac42a42934da807bea473dad1c07f6389a51b807df

Request headers

Accept-Language
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
content-encoding
gzip
server
nginx
age
0
etag
dd3174b00860516b133a7784ec6be81d
vary
Accept-Encoding, Origin, Accept-Language
content-language
en
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=313, public, x-grace=1800
x-varnish
1048325159
accept-ranges
bytes
content-type
application/hal+json
content-length
261
via
1.1 varnish
x-timer
0.186
/
weather.syn-api.com/alerts/location/47.39,8.45/ 		0
215 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://weather.syn-api.com/alerts/location/47.39,8.45/
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish
server
nginx
age
0
vary
Accept-Encoding, Origin, Accept-Language
content-language
en
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=306, public, x-grace=1800
x-varnish
1048300374
x-timer
0.166
/
vam-image.media.syn-cdn.com/0f/88/0f881fdb49ca6ab02ca41d1634754babd72e723f/w=640,h=360,crop=focus/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vam-image.media.syn-cdn.com/0f/88/0f881fdb49ca6ab02ca41d1634754babd72e723f/w=640,h=360,crop=focus/?app=portal&sig=31896e552432d5e7ef926de3b6e3e15b88bd026b87555cd77cb654b3d1850ee9
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Apache /
Resource Hash
53798de3b8a7a63f4c417952b02271a35a37685c5c21545aaaa7d6cda129897c

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 02 Jun 2021 02:14:57 GMT
cache-control
max-age=365000000, immutable
server
Apache
content-type
image/jpeg
content-length
45103
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
y2EUw.irPGYHWZQvvHFS16CCD7wJF5Fq
content-encoding
gzip
etag
"7f7f981d4ecb61feeff48e66441716da"
age
25310
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5628
x-amz-id-2
U1TbYOeMJdgziqZUZ5Pw84oNcXMDzoETnzr3O2tNyYtFI5qeISf28bNEhQhnuLD7gQtVvaHA7Do=
x-served-by
cache-hhn11524-HHN
last-modified
Sun, 30 May 2021 11:12:52 GMT
server
AmazonS3
x-timer
S1622600097.927793,VS0,VE0
date
Wed, 02 Jun 2021 02:14:56 GMT
vary
Accept-Encoding
x-amz-request-id
NWCPYBF1DRE03144
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
76
x-cache-hits
195878
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
12348
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by
cache-hhn11524-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1622600097.927817,VS0,VE0
date
Wed, 02 Jun 2021 02:14:56 GMT
vary
Accept-Encoding
x-amz-request-id
CR4E2RJ6SANDVYVF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
76
x-cache-hits
21783
tfa-eid.20210531-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210531-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/synacor-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
587f61f2a0e3b04a32e6905b4030f9ed0a03ac2a0218d986c1736be2a8d1bf8f

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eiGuRlCiqZVEAIpQiKMGz3pMqCnBJxDJ
content-encoding
gzip
etag
"0a50a8810b6c00891b72d1d1331c392b"
age
110
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4867
x-amz-id-2
Dg5093AyuaKJXfzGnvkPQZ1RvJggqmDs20rFDLPp+d8CpCgM/SZvM2ciXtw0NIUga3eksL8Sa2A=
x-served-by
cache-hhn11524-HHN
last-modified
Tue, 01 Jun 2021 12:42:40 GMT
server
AmazonS3
x-timer
S1622600097.929922,VS0,VE0
date
Wed, 02 Jun 2021 02:14:56 GMT
vary
Accept-Encoding
x-amz-request-id
GAK5AQ04SG2DP2GE
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
76
x-cache-hits
211
sha256.20210531-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210531-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/synacor-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b866091b86aa3f240072a9f442783b787a8fbab138f005f89ddc7eee2ccbc6f

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6a2LqGa8BGuPZO9WWenPX4YzWqSMFBPq
content-encoding
gzip
etag
"6ca0d5f3f416f741e56145de17e7e4ec"
age
98
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2595
x-amz-id-2
/TfKasl94uMYnxFlUBRhkDlUklISS16rpeKvWWiu/myOJnLeKyNKI3jYXnvSJ1fUILoQFWGkmLU=
x-served-by
cache-hhn11524-HHN
last-modified
Tue, 01 Jun 2021 12:42:53 GMT
server
AmazonS3
x-timer
S1622600097.929889,VS0,VE0
date
Wed, 02 Jun 2021 02:14:56 GMT
vary
Accept-Encoding
x-amz-request-id
F71A4JD0BXBEPNNR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
76
x-cache-hits
173
userx.20210531-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210531-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/synacor-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab237484f8603ecb3fe317be87032945d68d5899d66b9fbcb7936e5cc8618854

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
G5x1UjTzFIETH2TIxNNm88GDKlTd1xsX
content-encoding
gzip
etag
"c294d9abac365f484c6bd24d2f6e4bd4"
age
107
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7962
x-amz-id-2
asiMgoxtG5HNZ2mDpXSftiEfuqBIoUKoZw4DStaRBH2ewJM5ecJXQLSPzVbpOYLounHfRbnybUA=
x-served-by
cache-hhn11524-HHN
last-modified
Tue, 01 Jun 2021 12:42:35 GMT
server
AmazonS3
x-timer
S1622600097.949568,VS0,VE0
date
Wed, 02 Jun 2021 02:14:56 GMT
vary
Accept-Encoding
x-amz-request-id
0E8DX8JMGEYMJD1P
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
76
x-cache-hits
26
85d50be6796fbedcfde3a78fa071f15e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/85d50be6796fbedcfde3a78fa071f15e.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dec56c92d388731e40c8dbce2f2287455170950d02cb1715806d935d48e8198d

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
3847376
edge-cache-tag
426149807094179311327099405716342750087,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Tue, 11 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/85d50be6796fbedcfde3a78fa071f15e.jpg
content-length
22058
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Sat, 10 Apr 2021 11:44:02 GMT
server
nginx
x-timer
S1622600097.095084,VS0,VE1
etag
"f867b0ba592bd143e869477ae16fb8ab"
x-served-by
cache-wdc5523-WDC, cache-dca17779-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_285%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/71/63/71631f13b76569240b51540e2cde3778ee368aeb/h%3D33... 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_285%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/71/63/71631f13b76569240b51540e2cde3778ee368aeb/h%3D338%2Cw%3D600%2Ccrop%3Dfocus/%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d3b9ad1df800f8a988fa15ed8d6d450e6fdba285a7f5983eca6f69f0befe224d

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
40728
edge-cache-tag
394936410095848638589340954154117698122,589547596583396102750229382789429045147,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
687
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_285%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/71/63/71631f13b76569240b51540e2cde3778ee368aeb/h%3D338%2Cw%3D600%2Ccrop%3Dfocus/%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
content-length
9084
x-request-id
59183fd2168e346a5f68cfe2a41c82e6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Tue, 01 Jun 2021 14:56:09 GMT
server
nginx
x-timer
S1622600097.095164,VS0,VE1
etag
"3637041193478c8a72569bf9e31f33aa"
x-served-by
cache-wdc5539-WDC, cache-dca17780-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_285%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/c4/03/c403fb58a1a5d5527f7076169aefa84d328bebbf/h%3D33... 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_285%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/c4/03/c403fb58a1a5d5527f7076169aefa84d328bebbf/h%3D338%2Cw%3D600%2Ccrop%3Dfocus/%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
673e56844404bee5d80d06db1c6203b4e0ab713d797d229c3191abaea6c2f49f

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
107655
edge-cache-tag
531698371503180108622332528719713226374,589547596583396102750229382789429045147,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
528
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_285%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/c4/03/c403fb58a1a5d5527f7076169aefa84d328bebbf/h%3D338%2Cw%3D600%2Ccrop%3Dfocus/%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
content-length
8292
x-request-id
ae64d01222b4803ccc0e994b54803ec4
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Mon, 31 May 2021 20:09:47 GMT
server
nginx
x-timer
S1622600097.095083,VS0,VE1
etag
"a236b861dc1497f277c18e231f8f2886"
x-served-by
cache-wdc5527-WDC, cache-dca17731-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
0898032cafa82f1d25ffe5174ebe1283.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0898032cafa82f1d25ffe5174ebe1283.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e7e8c16a04af84b8b22bdcfabc7c6dbcbdab8800e768d8bc3a74c3451b94669a

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
2303470
edge-cache-tag
496285162598799355441065199713521818347,470377506306855994518165095385637019006,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0898032cafa82f1d25ffe5174ebe1283.jpg
content-length
7394
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Tue, 06 Apr 2021 06:47:34 GMT
server
nginx
x-timer
S1622600097.095240,VS0,VE1
etag
"5d8dd0c04e0395e5a0fb8e44239fdd38"
x-served-by
cache-wdc5582-WDC, cache-dca17772-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
d0b2a9a8bcb6c1dd4eb2fe4719cacfc0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d0b2a9a8bcb6c1dd4eb2fe4719cacfc0.jpeg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d89cd8c1ce585cf70d226e4e8db494c25c1a4e1d4aa2ffaa1a1202942d3f1a46

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
3510158
edge-cache-tag
343351420035001960431087952642471355329,470377506306855994518165095385637019006,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Sat, 15 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d0b2a9a8bcb6c1dd4eb2fe4719cacfc0.jpeg
content-length
16204
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Wed, 14 Apr 2021 04:25:18 GMT
server
nginx
x-timer
S1622600097.095435,VS0,VE0
etag
"0e5601b5de951792312a47f4d0376ad0"
x-served-by
cache-wdc5544-WDC, cache-dca17752-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 3
julian-nagelsmann-rb-leipzig-2019-20_2k1579ho90e91460lw4jxcde4.jpg%3Ft%3D-410293266%26quality%3D100
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.daznservices.com/di/library/GOAL/c1/f4/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.daznservices.com/di/library/GOAL/c1/f4/julian-nagelsmann-rb-leipzig-2019-20_2k1579ho90e91460lw4jxcde4.jpg%3Ft%3D-410293266%26quality%3D100
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
389a635cde770b8a99f2822cf2467329e5d4ca913f913664c94fabea12bed2f5

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
1891677
edge-cache-tag
531354592806313286116062699218435543576,470377506306855994518165095385637019006,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Mon, 31 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.daznservices.com/di/library/GOAL/c1/f4/julian-nagelsmann-rb-leipzig-2019-20_2k1579ho90e91460lw4jxcde4.jpg%3Ft%3D-410293266%26quality%3D100
content-length
5246
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Fri, 30 Apr 2021 15:49:24 GMT
server
nginx
x-timer
S1622600097.095428,VS0,VE1
etag
"ff3a6f762f3d1b9cde32e62109325fb5"
x-served-by
cache-wdc5538-WDC, cache-dca17761-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
302828d81c2d53eeaa22ba1b2f364f76.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/302828d81c2d53eeaa22ba1b2f364f76.png
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
de6396b341236ff028e5a031865c9f97e637ec99cc7fffff83fc9b9365f2b04e

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
298
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
625521258249639956862648669987059183178,470377506306855994518165095385637019006,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
188
expiration
expiry-date="Sun, 27 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/302828d81c2d53eeaa22ba1b2f364f76.png
content-length
3414
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 27 May 2021 10:02:35 GMT
server
nginx
x-timer
S1622600097.121381,VS0,VE298
etag
"8df004d90b076858a2e5003b0e5a9803"
x-served-by
cache-wdc5579-WDC, cache-dca17757-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
3w2fINrvHLkfT6h.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/tools/cropper/images/prod/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/tools/cropper/images/prod/3w2fINrvHLkfT6h.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2619b5240733bf699fb722d2ce9c25e666be0e621f8cb6e80b795d5fc1426cca

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
2056944
edge-cache-tag
424613620277129666319636179968619873222,470377506306855994518165095385637019006,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
39
expiration
expiry-date="Fri, 14 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_145%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/tools/cropper/images/prod/3w2fINrvHLkfT6h.jpg
content-length
8524
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Tue, 13 Apr 2021 21:33:24 GMT
server
nginx
x-timer
S1622600097.121673,VS0,VE1
etag
"1c7e1a9df1fd6b9b0350746f6935d0a3"
x-served-by
cache-wdc5523-WDC, cache-dca17733-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
64b8fdf537f30a0d5d3011da8848775f-700.jpg
images.taboola.com/taboola/image/fetch/h_145,w_260,c_fill,g_xy_center,x_525,y_364/https%3A//www.wallpaperup.com/uploads/wallpapers/2013/12/16/197255/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_145,w_260,c_fill,g_xy_center,x_525,y_364/https%3A//www.wallpaperup.com/uploads/wallpapers/2013/12/16/197255/64b8fdf537f30a0d5d3011da8848775f-700.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e86af40d3e423c1a8c3c91e05c2751f832915c5e889823712ce7c10ef247920e

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
2687404
edge-cache-tag
394749387888706267185718539024671997240,363092615929639945111155926941413771389,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
expiration
expiry-date="Sat, 29 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/h_145,w_260,c_fill,g_xy_center,x_525,y_364/https%3A//www.wallpaperup.com/uploads/wallpapers/2013/12/16/197255/64b8fdf537f30a0d5d3011da8848775f-700.jpg
content-length
4960
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Wed, 28 Apr 2021 13:55:42 GMT
server
nginx
x-timer
S1622600097.121669,VS0,VE1
etag
"732d63edbe4f0a2a6c1f82019f67596e"
x-served-by
cache-wdc5556-WDC, cache-dca17729-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/cf/7d/cf7d7d301b692351bf460fc20eb7e2305191c09a/h%3D33... 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/cf/7d/cf7d7d301b692351bf460fc20eb7e2305191c09a/h%3D338%2Cw%3D600%2Ccrop%3Dfocus/%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b0a3d7e16842857622ad431049f6bdd4f67904e15c7b245eecd8f64ae6d500a2

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
143777
edge-cache-tag
396694845206285580565522447641208019313,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
258
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/cf/7d/cf7d7d301b692351bf460fc20eb7e2305191c09a/h%3D338%2Cw%3D600%2Ccrop%3Dfocus/%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
content-length
8176
x-request-id
30e1f9b2b727ac556572117dd65ea8cc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Mon, 31 May 2021 10:12:27 GMT
server
nginx
x-timer
S1622600097.121794,VS0,VE1
etag
"80453f2f36c824dae54021273859263f"
x-served-by
cache-wdc5543-WDC, cache-dca17746-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/26/51/2651c9f22bacfae55524624873b70d41a6bccad6/h%3D33... 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/26/51/2651c9f22bacfae55524624873b70d41a6bccad6/h%3D338%2Cw%3D600%2Ccrop%3Dfocus/%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0a2afdbd71df7a97ceaea8601579c8a2442a6e87109bf372bd47a725ee4bd3fc

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
28967
edge-cache-tag
300303336434606541804920938727700073572,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
21
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//vam-image.media.syn-cdn.com/26/51/2651c9f22bacfae55524624873b70d41a6bccad6/h%3D338%2Cw%3D600%2Ccrop%3Dfocus/%3Fapp%3Dportal%26sig%3D12bc1e07a42636fadaf7d06113048c416ad8eb47b8b34e652b5215a66d16c705
content-length
13102
x-request-id
800cf07292f0dc898e256a006e45bf55
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Tue, 01 Jun 2021 18:11:21 GMT
server
nginx
x-timer
S1622600097.121778,VS0,VE1
etag
"d8ac5b48f506cb45bbfcc8741b49995a"
x-served-by
cache-wdc5558-WDC, cache-dca17775-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
cdb2528a15960c62d157daa5f9196da6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.pinimg.com/originals/cd/b2/52/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.pinimg.com/originals/cd/b2/52/cdb2528a15960c62d157daa5f9196da6.png
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38af068371d67447b0e25966dadcc89d073279a9664ab37076922a6f261aa261

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
2557165
edge-cache-tag
611116465902273180564242190191294800776,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
60
expiration
expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.pinimg.com/originals/cd/b2/52/cdb2528a15960c62d157daa5f9196da6.png
content-length
9738
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 15 Apr 2021 18:50:15 GMT
server
nginx
x-timer
S1622600097.121855,VS0,VE1
etag
"7fae26f24b71ba9d27299d0df815013e"
x-served-by
cache-wdc5532-WDC, cache-dca17732-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
ed6eccd9df0130909dab0b25b1d7eabb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed6eccd9df0130909dab0b25b1d7eabb.png
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef9fe395e3dfc558c8db7c346f4980038938b40af860f2e91a392c2058e4a470

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
88
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
60193
edge-cache-tag
425917864007913191118560303169145174949,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
94
expiration
expiry-date="Fri, 25 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed6eccd9df0130909dab0b25b1d7eabb.png
content-length
4466
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 25 May 2021 05:51:37 GMT
server
nginx
x-timer
S1622600097.145251,VS0,VE88
etag
"0b6a807318c6fc1548eb0adf0dc478b6"
x-served-by
cache-wdc5543-WDC, cache-dca17739-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
d1c04e6e0e4fd23e5df19fa5ccd6ac43.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d1c04e6e0e4fd23e5df19fa5ccd6ac43.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e76cf736f6b484fe0ee41d95139922e0766b3120fe1660d106b895fb916e2d5f

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
357804
edge-cache-tag
386686254451814469996297469136518175932,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
285
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d1c04e6e0e4fd23e5df19fa5ccd6ac43.jpg
content-length
5468
x-request-id
9ed370721ff9d30211ad72427de12739
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Thu, 27 May 2021 09:38:57 GMT
server
nginx
x-timer
S1622600097.145255,VS0,VE1
etag
"e911b7c7828a90263958276c4023e95e"
x-served-by
cache-wdc5544-WDC, cache-dca17751-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
47d1254bc729f2408b52de78529f0547.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/47d1254bc729f2408b52de78529f0547.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d9de9b41aaebf34b690c5d7b223d2c5d7b82204753e3c0a1ed05cee2521e8aa4

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
2201879
edge-cache-tag
606765351558679631543776266869228745605,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/47d1254bc729f2408b52de78529f0547.jpg
content-length
5586
x-request-id
6061f3b76525a709b209591099306274
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Sat, 24 Apr 2021 00:29:08 GMT
server
nginx
x-timer
S1622600097.145407,VS0,VE1
etag
"5592d04ef1c3af7c78e0ffdca662a0ab"
x-served-by
cache-wdc5579-WDC, cache-dca17783-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
6f67432d18e27d376f3d98b4b88a7c92.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f67432d18e27d376f3d98b4b88a7c92.png
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
533f946e754c7b3e1ad43c451d2a41bbdf0c3a7159bcd069e5ac572cef73e368

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
1410495
edge-cache-tag
505302861001088504038564512862859770066,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
513
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f67432d18e27d376f3d98b4b88a7c92.png
content-length
10328
x-request-id
8b3652c526eaa114294acb3e39e0447b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sun, 16 May 2021 07:03:59 GMT
server
nginx
x-timer
S1622600097.145393,VS0,VE1
etag
"97a097de3ae9c189409917addd4be6ed"
x-served-by
cache-wdc5531-WDC, cache-dca17727-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Taylor-Hill2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.wikibio.us/wp-content/uploads/2020/05/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.wikibio.us/wp-content/uploads/2020/05/Taylor-Hill2.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55e49fd040a10a34fabce82e0e875308c9bf691a95d5205fa7ba8dd073fa354f

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
100173
edge-cache-tag
446270523042599887165320370720368629700,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
108
expiration
expiry-date="Tue, 01 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.wikibio.us/wp-content/uploads/2020/05/Taylor-Hill2.jpg
content-length
4316
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Sat, 01 May 2021 04:02:07 GMT
server
nginx
x-timer
S1622600097.145382,VS0,VE1
etag
"6f81ea520cae0f182ad2edc4777f72f6"
x-served-by
cache-wdc5572-WDC, cache-dca17732-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
3d86c2da40a5686d1f95f32a0b70ecbf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d86c2da40a5686d1f95f32a0b70ecbf.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
330f905f92f888e61711a34653d662988589b6cc2d4355114b2d6dbb812660f6

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish, 1.1 varnish
age
3515874
edge-cache-tag
435579761882399063867323778344606761659,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Tue, 11 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d86c2da40a5686d1f95f32a0b70ecbf.jpg
content-length
5602
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sat, 10 Apr 2021 05:45:36 GMT
server
nginx
x-timer
S1622600097.168040,VS0,VE1
etag
"7e55c3f496d752c2afd017e763b2e02f"
x-served-by
cache-wdc5534-WDC, cache-dca17741-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 7793
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_cnv_n-amobee
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_cnv_n-amobee&dcc=t
260 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_cnv_n-amobee&dcc=t
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9035e4f18b701b711861d6658d826baa97d0cc736a7300b8f41bdbdfecac536c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://portal.tds.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5CqShjc2UGvhu4pnvK8plg|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

Server
Server
Date
Wed, 02 Jun 2021 02:14:57 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
260
Connection
keep-alive
x-amz-rid
8QC42HEKXT3V5E846N39
Set-Cookie
ad-id=A5CqShjc2UGvhu4pnvK8plg; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 02:14:57 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 02:14:57 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Wed, 02 Jun 2021 02:14:57 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
W0AH983NKEAWFSVXQFH6
Set-Cookie
ad-id=A5CqShjc2UGvhu4pnvK8plg|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 02:14:57 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_cnv_n-amobee&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
/
appserv.garnet.synacor.com//_/ 		884 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://appserv.garnet.synacor.com//_/?_client_uri=client%3A%2F%2Fclient_config%2Fdefault%2F&_is_jsonp=1&_root_url=https%3A%2F%2Fportal.tds.net%2F&_site_uri=site%3A%2F%2Fsite_config%2Fdefault-gen4%2F&_uri=component%3A%2F%2FSynacor%2FGen4%2FConfiguration%2FComponents%2FService%2F&action=fetch&app_server=true&params%5Buri%5D=restriction%3A%2F%2FSynacor%2FPortal%2FRestriction%2F2021%2FOr%2FTDSCable%2F&service_name=restriction&callback=servicejsonpxdrxdp
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.58 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
d9c35b08c486c8507c0f6be2c71020689f595d26ba516616740ca11f41207691

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:14:57 GMT
Content-Encoding
gzip
Server
nginx
Age
0
Vary
Accept-Encoding
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Via
1.1 varnish
X-Varnish
537455912
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/json; charset=utf-8
Content-Length
407
/
appserv.garnet.synacor.com//_/ 		885 B
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://appserv.garnet.synacor.com//_/?_client_uri=client%3A%2F%2Fclient_config%2Fdefault%2F&_is_jsonp=1&_root_url=https%3A%2F%2Fportal.tds.net%2F&_site_uri=site%3A%2F%2Fsite_config%2Fdefault-gen4%2F&_uri=component%3A%2F%2FSynacor%2FGen4%2FConfiguration%2FComponents%2FService%2F&action=fetch&app_server=true&params%5Buri%5D=restriction%3A%2F%2FSynacor%2FPortal%2FRestriction%2F2021%2FOr%2FTDSNonTVWireline%2F&service_name=restriction&callback=servicejsonp_7c9al4
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.58 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
0563070d51850cf559243c2d2e25e9359a3809bbce2b521b0dd3e2707d9dbe23

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:14:57 GMT
Content-Encoding
gzip
Server
nginx
Age
0
Vary
Accept-Encoding
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Via
1.1 varnish
X-Varnish
537965240
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/json; charset=utf-8
Content-Length
409
/
appserv.garnet.synacor.com//_/ 		885 B
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://appserv.garnet.synacor.com//_/?_client_uri=client%3A%2F%2Fclient_config%2Fdefault%2F&_is_jsonp=1&_root_url=https%3A%2F%2Fportal.tds.net%2F&_site_uri=site%3A%2F%2Fsite_config%2Fdefault-gen4%2F&_uri=component%3A%2F%2FSynacor%2FGen4%2FConfiguration%2FComponents%2FService%2F&action=fetch&app_server=true&params%5Buri%5D=restriction%3A%2F%2FSynacor%2FPortal%2FRestriction%2F2021%2FOr%2FTDSTVWireline%2F&service_name=restriction&callback=servicejsonp_apvo5f
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.58 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
d1074a2ffbf1a0de7e4f51d4c99f83c7cac29ad41979fdd3b7253974d451119e

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:14:57 GMT
Content-Encoding
gzip
Server
nginx
Age
0
Vary
Accept-Encoding
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Via
1.1 varnish
X-Varnish
540746863
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/json; charset=utf-8
Content-Length
408
weather-svg-icon.3149bcb4.chunk.js
tesseract.media.syn-cdn.com/ 		74 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tesseract.media.syn-cdn.com/weather-svg-icon.3149bcb4.chunk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C0D) /
Resource Hash
2fb76e252fb3e8e4e8fb84c97049c24cf35775edf5b149f944cb338759167891

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
content-encoding
gzip
age
2966771
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
13281
access-control-allow-origin
*
last-modified
Mon, 26 Apr 2021 17:12:23 GMT
server
ECAcc (mil/6C0D)
etag
"129b1-5c0e33fbccbc0"
vary
Accept-Encoding
x-varnish
442998633 443330309
via
1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:02:30 GMT
roboto-light_36m5-.woff
tesseract.media.syn-cdn.com/assets/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tesseract.media.syn-cdn.com/assets/roboto-light_36m5-.woff
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C54) /
Resource Hash
82ccaa048a41d3072e5e20792d6a6814a80cfb4ed4c947a64cc90f7a8895bfc0

Request headers

Origin
https://portal.tds.net
Referer
https://tesseract.media.syn-cdn.com/tdstelecom.tesseract.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
content-encoding
gzip
age
26965103
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
18955
access-control-allow-origin
*
last-modified
Thu, 16 Jul 2020 18:33:48 GMT
server
ECAcc (mil/6C54)
etag
W/"4a1c-5aa9347f97b00"
vary
Accept-Encoding
x-varnish
927673592 54271175
via
1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/plain; charset=UTF-8
expires
Sun, 20 Mar 2022 09:36:41 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 365D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_cnv_n-amobee&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0993aec610ae05224017015b240b0f78b0716ae3b910d34da9cf598d34f4b146
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_cnv_n-amobee&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5CqShjc2UGvhu4pnvK8plg; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_cnv_n-amobee&dcc=t

Response headers

Server
Server
Date
Wed, 02 Jun 2021 02:14:57 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
1261
Connection
keep-alive
x-amz-rid
7Q955Q3DK8QVYKHG2AC2
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 365D
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=77f870aa5e393c927364
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=77f870aa5e393c927364
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
58DKMDADTFRV0TE0PA6T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 1713affce12abff65dc8b74f1260c723.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CDG52-P2
x-cache
LambdaGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=77f870aa5e393c927364
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Xm8lnOWamKDgl-1tONOpTl_Vxe-iio-U_mFjL-Sg_zTlGsoNNg4apA==
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame CA98 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
52730fe4579eda022a1bf49ae0c6771de103e19c768a98e8b1b2815ffc7a212a

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YLbpoMR-9v0U88zYS2tDtAAA; CMST=YLbpoGC26aAB; CMDD=AAgW-QE*
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|39|241|90|105|190|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1759
Expires
Wed, 02 Jun 2021 02:14:57 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:57 GMT
Connection
keep-alive
Set-Cookie
CMID=YLbpoMR-9v0U88zYS2tDtAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 02:14:57 GMT CMPS=5208;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 02:14:57 GMT CMPRO=1167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 02:14:57 GMT CMST=YLbpoGC26aEB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Jun 2021 02:14:57 GMT CMDD=AAgW-QE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Jun 2021 02:14:57 GMT CMRUM3=5a60b6e9a105a0&be60b6e9a105a0&2760b6e9a10b40&f160b6e9a105a0&dd60b6e9a12760&2d60b6e9a105a0&6960b6e9a105a0&e660b6e9a12760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 02:14:57 GMT
current
amazon-tam-match.dotomi.com/match/bounce/ Frame 727F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:57 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3777 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=103212
expires
Thu, 03 Jun 2021 06:55:09 GMT
date
Wed, 02 Jun 2021 02:14:57 GMT
vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 37D0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3074448325661272662
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3074448325661272662
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_n-amobee&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5CqShjc2UGvhu4pnvK8plg; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Wed, 02 Jun 2021 02:14:57 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
QP8JJVK7AZFXAPTTFQS6
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=3074448325661272662; Domain=.turn.com; Expires=Mon, 29-Nov-2021 02:14:57 GMT; Path=/; Secure; SameSite=None
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3074448325661272662
content-length
0
date
Wed, 02 Jun 2021 02:14:56 GMT
pixel
uat-net.technoratimedia.com/sw/ 		0
312 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://uat-net.technoratimedia.com/sw/pixel
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
938248685
access-control-allow-origin
https://portal.tds.net
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5863
x-xss-protection
0
server
cafe
etag
12453517290502062038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 03:13:43 GMT
integrator.js
adservice.google.ch/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=portal.tds.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=portal.tds.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		439 KB
101 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=152741476650782&correlator=4428738466285672&output=ldjh&impl=fifs&eid=31061223%2C31060997%2C44741898&vrg=2021052601&ptt=17&us_privacy=1NNN&sc=1&sfv=1-0-38&ecs=20210602&iu_parts=5284%2Csyn.tds%2Cmasthead%2Chome_mtf%2Chome%2Cstream_1%2Chome_scm%2Cstream_2%2Chome_wij%2Chome_btf%2Cadhesion&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10&prev_iu_szs=970x250%7C728x90%7C970x90%2C500x375%2C300x250%2C728x90%2C300x250%2C728x90%2C300x250%2C300x250%2C1x1%7C728x90&prev_scp=lang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-masthead%26ar%3D0%7Clang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-home_mtf%7Clang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-home%7Clang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-stream_1%7Clang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-home_scm%7Clang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-stream_2%7Clang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-home_wij%7Clang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-home_btf%7Clang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-adhesion&cust_params=lang%3Den-US%26ml%3D0%26environment%3Dproduction%26portal%3Dgen4%26abt%3Ddefault%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1622600097&dt=1622600097569&dlt=1622600095474&idt=1314&frm=20&biw=1600&bih=1200&oid=3&adxs=168%2C-9%2C931%2C160%2C1032%2C168%2C1032%2C1032%2C-12245933&adys=12%2C-9%2C458%2C1166%2C1826%2C3025%2C3471%2C4378%2C-12245933&adks=1138528294%2C4156785310%2C1172002462%2C3913190169%2C2072394598%2C450585481%2C45174724%2C1575785628%2C1211393463&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fportal.tds.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1264x0%7C0x-1%7C501x250%7C1280x90%7C400x250%7C1264x90%7C400x250%7C400x250%7C0x-1&msz=1264x0%7C0x-1%7C501x250%7C1280x90%7C400x250%7C1264x90%7C400x250%7C400x250%7C0x-1&ga_vid=1488473743.1622600096&ga_sid=1622600098&ga_hid=336168660&ga_fc=false&fws=0%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C640&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C-1%7C0%7C0%7C1%7C2%7C3%7C4%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
09b024d182586fb9f1c8c66f795ada0c53d0454cf6f656e42f32e9bbc78875a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103823
x-xss-protection
0
google-lineitem-id
-1,4491472755,-1,159583172,159583172,159583172,159583172,159583172,5406049662
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138340893661,-1,138229706715,138239670556,138239670574,138239670571,55236690212,138315240762
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://portal.tds.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
showad.js
ads.pubmatic.com/AdServer/js/ Frame 65F4 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=153012
expires
Thu, 03 Jun 2021 20:45:09 GMT
date
Wed, 02 Jun 2021 02:14:57 GMT
vary
Accept-Encoding
usermatchredir
ssum-sec.casalemedia.com/ Frame CA98
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLbpoMR_9v0U88zYS2tDtAAABI8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLbpoMR_9v0U88zYS2tDtAAABI8AAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJnqJ6rjFUNUNzvZlN4SgKQ&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJnqJ6rjFUNUNzvZlN4SgKQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 02 Jun 2021 02:14:57 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJnqJ6rjFUNUNzvZlN4SgKQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CA98
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLbpoMR-9v0U88zYS2tDtAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMcQGwjX_wSUA3H_JLERGIM&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMcQGwjX_wSUA3H_JLERGIM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 02:14:57 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMcQGwjX_wSUA3H_JLERGIM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame CA98 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLbpoMR-9v0U88zYS2tDtAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame CA98 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLbpoMR_9v0U88zYS2tDtAAABI8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:57 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CA98
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5BE016A651534D3C90DB348A637D045E
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5BE016A651534D3C90DB348A637D045E
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 02:14:57 GMT

Redirect headers

date
Wed, 02 Jun 2021 02:14:57 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5BE016A651534D3C90DB348A637D045E
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 01 Jun 2021 02:14:57 GMT
crum
dsum-sec.casalemedia.com/ Frame CA98
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 02:14:57 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Wed, 02 Jun 2021 02:14:57 GMT
server
nginx/1.18.0
content-length
76
crum
dsum.casalemedia.com/ Frame CA98
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1240362917277177338
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1240362917277177338
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 02:14:57 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:57 GMT
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid
0f154bd5-7e9d-4cbc-89be-7dc67e462e2c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1240362917277177338
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tpid=YLbpoMR-9v0U88zYS2tDtAAA%261167
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame CA98
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YLbpoMR-9v0U88zYS2tDtAAA%261167?gdpr_consent=&us_privacy=&gdpr=
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLbpoMR-9v0U88zYS2tDtAAA%261167?gdpr_consent=&us_privacy=&gdpr=
49 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLbpoMR-9v0U88zYS2tDtAAA%261167?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:57 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.27
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:57 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLbpoMR-9v0U88zYS2tDtAAA%261167?gdpr_consent=&us_privacy=&gdpr=
cache-control
no-cache
x-server
10.45.9.68
content-length
0
expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CA98 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YLbpoMR_9v0U88zYS2tDtAAABI8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FZX00NYTVSQS1CG9X95M
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 65F4 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64856752&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b19ccacf309a594d5f9fa1182d9798392f68cf0e8aabb438cd23593f6028b8fc

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
vam-image.media.syn-cdn.com/4c/62/4c629f40f6e669cf4c2f91cb386fda90e8c2016f/w=732,h=411,crop=focus/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vam-image.media.syn-cdn.com/4c/62/4c629f40f6e669cf4c2f91cb386fda90e8c2016f/w=732,h=411,crop=focus/?app=portal&sig=2b95d8eca575c597fc56cb2f9ed3ed3b0a92f1cb14de96a5afbf47f8fd1ba277
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C57) /
Resource Hash
fe9ccee8726f3591ca557ccab153dcf514766f4353f35c4b4e8fa922ea2bed9c

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
last-modified
Wed, 19 May 2021 16:24:51 GMT
server
ECAcc (mil/6C57)
age
1158606
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
max-age=365000000, immutable
accept-ranges
bytes
content-type
image/jpeg
content-length
27962
/
vam-image.media.syn-cdn.com/63/9d/639d43c3769182fdf3383a1f7cd0c94885b25102/w=732,h=411,crop=focus/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vam-image.media.syn-cdn.com/63/9d/639d43c3769182fdf3383a1f7cd0c94885b25102/w=732,h=411,crop=focus/?app=portal&sig=2b95d8eca575c597fc56cb2f9ed3ed3b0a92f1cb14de96a5afbf47f8fd1ba277
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C11) /
Resource Hash
988fbaf9e9e90d7457a9e72da5b336501cc8b770434968d45968aaba6111d668

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
last-modified
Tue, 01 Jun 2021 18:39:59 GMT
server
ECAcc (mil/6C11)
age
27298
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
max-age=365000000, immutable
accept-ranges
bytes
content-type
image/jpeg
content-length
28678
track.gif
portal.tds.net/images/track/ 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.tds.net/images/track/track.gif?action=impression&cubecomponent=HomePage.Dcc.Card&contentarea=dcc&contenttext=Trump%20Reportedly%20Making%20Claims%20About%20Being%20%27Reinstated%27&contentsource=Newser%20%2F%20Getty%20Images&contentid=newser-trump_reportedly_making_claims_about_being_reinsta-rnewsersyn&contenttype=article&contentsecondaryposition=0&pagescrollyposition=0&ts=1622600097693
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.222 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.tds.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.tds.net/
Cookie
temporalchip=OTEuMTMyLjEzNi45MjoxNjIyNjAwMDk1; eternalchip=OTEuMTMyLjEzNi45MjoxNjIyNjAwMDk1; SimpleSAMLSessionID=547b16867f5c301a67bed64e23c43b69; session=594be7a5aad169ca000121f2b7eb487b371846de-1622600095; _ga=GA1.2.1488473743.1622600096; _gid=GA1.2.648079189.1622600096; _gat_gtag_UA_64147009_11=1; _pbjs_userid_consent_data=3524755945110770; trc_cookie_storage=synacor-tdsresidentialportal%253Asession-data%3Dv2_4e4a9af4c6a9aed722263864fbd94e45_0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20_1622600096_1622600096_CIi3jgYQn_RBGM-1gtScLyABKAEwKziy0A1Ay4gQSPqc3QNQ____________AVgAYABosa_ptcr9986tAQ%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522synacor-tdsresidentialportal%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3D0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20; _lr_geo_location=CH
Connection
keep-alive
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:14:57 GMT
Via
1.1 varnish
Last-Modified
Wed, 02 Jun 2010 18:24:58 GMT
Server
nginx
Age
0
ETag
"2b-488103510f280"
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
X-Varnish
535326019
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
match
c1.adform.net/serving/cookie/ Frame BBFC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:58 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5821613659031366264; expires=Sun, 01 Aug 2021 02:14:58 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 02 Jun 2021 02:14:58 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Fri, 02 Jul 2021 02:14:58 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame AF70
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4944437266062326293
42 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4944437266062326293
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4944437266062326293
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8; chkChromeAb67Sec=1; DPSync3=1623801600%3A201_197_219%7C1622678400%3A174; SyncRTB3=1623801600%3A21_22_56_161_7_54_55_13_234_3_71_81_8_166%7C1623196800%3A223_2_15%7C1623888000%3A35%7C1623456000%3A63%7C1625184000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:57 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-4944437266062326293; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 02:14:57 GMT; path=/ PugT=1622600097; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 02:14:57 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:14:57 GMT; path=/
x-lat
lhrpug013:0:376
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4944437266062326293
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 5B66 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 02 Jun 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1343
x-powered-by
ASP.NET
date
Wed, 02 Jun 2021 02:14:57 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 8282
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969014351106078859
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969014351106078859
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969014351106078859
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8; chkChromeAb67Sec=1; DPSync3=1623801600%3A201_197_219%7C1622678400%3A174; SyncRTB3=1623801600%3A21_22_56_161_7_54_55_13_234_3_71_81_8_166%7C1623196800%3A223_2_15%7C1623888000%3A35%7C1623456000%3A63%7C1625184000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:56 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6969014351106078859; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 02:14:56 GMT; path=/ PugT=1622600096; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 02:14:56 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:14:56 GMT; path=/
x-lat
amspug017:0:384
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 02 Jun 2021 02:14:57 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6969014351106078859; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969014351106078859
redir
rtb-csync.smartadserver.com/ Frame A167
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFekowN0JiZE1BQUREaFRPdXBaZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEzJ07BbdMAADDhTOupZg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
232 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEzJ07BbdMAADDhTOupZg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
waitress /
Resource Hash
9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
232
content-type
text/html; charset=utf-8
date
Wed, 02 Jun 2021 02:14:58 GMT
server
waitress

Redirect headers

Date
Wed, 02 Jun 2021 02:14:58 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEzJ07BbdMAADDhTOupZg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 8456
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8; chkChromeAb67Sec=1; DPSync3=1623801600%3A201_197_219%7C1622678400%3A174; SyncRTB3=1623801600%3A21_22_56_161_7_54_55_13_234_3_71_81_8_166%7C1623196800%3A223_2_15%7C1623888000%3A35%7C1623456000%3A63%7C1625184000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:14:57 GMT
content-type
text/html; charset=utf-8
x-lat
amspug016:2:192
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=86a0de18-f911-4295-872b-0ff6ad509572; path=/; domain=csync.loopme.me; Expires=Fri, 02-Jul-2021 02:14:57 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Wed, 02 Jun 2021 02:14:57 GMT
server
_
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D9AE 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A5CqShjc2UGvhu4pnvK8plg; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Wed, 02 Jun 2021 02:14:57 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
MVCEKD5FFA1XPBSBG4EE
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 65F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=psGlQtBKRdSN45kvxdnF2A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 06:44:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-2080-5c3aeac410031"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=103212
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2586
expires
Thu, 03 Jun 2021 06:55:09 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d9c660b6-e9a1-4400-a244-02b202e50d97
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d9c660b6-e9a1-4400-a244-02b202e50d97
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:06:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 02 Jun 2021 02:14:57 GMT
Server
MT3 3736 915c305 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d9c660b6-e9a1-4400-a244-02b202e50d97
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Jun 2021 02:14:56 GMT
mw
mwzeom.zeotap.com/ Frame 65F4
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=392c1730-50b0-4dd5-9682-00e5b40a3ace&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e4a290fcd068ced9c56ed9e4d98d00e9
  • https://spl.zeotap.com/?zdid=1332&zcluid=ee8940b9b43054b9
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4bd0aa0-6aab-4696-5999-4b5327b64853&reqId=bdac04ca-8a51-426e-6f75-a0b997dc3224&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEEQwHgsh4xcnceeMNCtS4Z0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4bd0aa0-6aab-4696-5999-4b5327b64853&reqId=bdac04ca-8a51-426e-6f75-a0b...
95 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEEQwHgsh4xcnceeMNCtS4Z0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4bd0aa0-6aab-4696-5999-4b5327b64853&reqId=bdac04ca-8a51-426e-6f75-a0b997dc3224&zcluid=ee8940b9b43054b9&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
658d2bd5d94e64f1-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a6c19b9a9000064f12f012000000001

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEEQwHgsh4xcnceeMNCtS4Z0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4bd0aa0-6aab-4696-5999-4b5327b64853&reqId=bdac04ca-8a51-426e-6f75-a0b997dc3224&zcluid=ee8940b9b43054b9&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5821613659031366264
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5821613659031366264
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:299
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5821613659031366264
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&gdpr=0&gdpr_consent=
42 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:404
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 02 Jun 2021 02:14:57 GMT
Server
MT3 3736 915c305 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Jun 2021 02:14:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=392c1730-50b0-4dd5-9682-00e5b40a3ace
42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=392c1730-50b0-4dd5-9682-00e5b40a3ace
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:387
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=392c1730-50b0-4dd5-9682-00e5b40a3ace
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH04k5I6e2SoY2AhLI-ElM0&google_cver=1
42 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH04k5I6e2SoY2AhLI-ElM0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:429
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH04k5I6e2SoY2AhLI-ElM0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1240362917277177338&gdpr=0&gdpr_consent=
42 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1240362917277177338&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:404
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:57 GMT
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid
94fae493-a2dc-4128-b5b1-ddc9dec61c6d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1240362917277177338&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 65F4 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1B1KXiRE2uX4SsFCCFGNwYPItLkLhxc-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1B1KXiRE2uX4SsFCCFGNwYPItLkLhxc-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 02 Jun 2021 02:14:58 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1B1KXiRE2uX4SsFCCFGNwYPItLkLhxc-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT
42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:370
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d59c04df-b7aa-4eae-ac1b-e4aef8869278&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9afa73fd-a392-4712-8848-229040e385e3&gdpr=&gdpr_consent=&gdpr_pd=
1 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9afa73fd-a392-4712-8848-229040e385e3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:393
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9afa73fd-a392-4712-8848-229040e385e3&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 02 Jun 2021 02:14:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLbpogABQ51yOABg&gdpr=0&gdpr_consent=&_test=YLbpogABQ51yOABg
1 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLbpogABQ51yOABg&gdpr=0&gdpr_consent=&_test=YLbpogABQ51yOABg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:410
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1622600099.959588,VS0,VE0
x-served-by
cache-fra19144-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLbpogABQ51yOABg&gdpr=0&gdpr_consent=&_test=YLbpogABQ51yOABg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3074448325661272662&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3074448325661272662&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:394
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3074448325661272662&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 02 Jun 2021 02:14:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7bff0f42-662b-4682-ace7-530ade9c6701&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7bff0f42-662b-4682-ace7-530ade9c6701&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:382
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7bff0f42-662b-4682-ace7-530ade9c6701&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 02 Jun 2021 02:15:00 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 65F4 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:57 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 65F4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=ab3e1485-58df-4782-801d-bbcc1d3e9c37-60b6e9a2-4348&gdpr=0&gdpr_consent=
42 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=ab3e1485-58df-4782-801d-bbcc1d3e9c37-60b6e9a2-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:481
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=ab3e1485-58df-4782-801d-bbcc1d3e9c37-60b6e9a2-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pubmatic
um.simpli.fi/ Frame 65F4 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 01 Jun 2021 02:14:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=tds.net&host=portal.tds.net&success=1
Requested by
Host: tesseract.media.syn-cdn.com
URL: https://tesseract.media.syn-cdn.com/tesseract.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 66DB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://portal.tds.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 02 Jun 2021 02:14:57 GMT
expires
Thu, 02 Jun 2022 02:14:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 267B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://portal.tds.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 02 Jun 2021 02:14:57 GMT
expires
Thu, 02 Jun 2022 02:14:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
grumi.js
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ Frame 53AB 		211 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:f800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847ac095d407715f2712592f4c4becc5caf0390e073c087553578142a60239d6

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:45:18 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 01:36:57 GMT
server
AmazonS3
age
1781
etag
W/"5169f39b8d2e851ee11e1f085ee2c1c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
vA40TvpoxyVfQI2RGpAhh2tPzBWLF5.A
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
CDG52-P2
content-type
text/javascript
x-amz-cf-id
VXnIVOFU1W2JYmUev5iNjvpEk2dwGjdWwYL9knoMVmj7QRMEPXHMrQ==
grumi.js
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ Frame C657 		211 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:f800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847ac095d407715f2712592f4c4becc5caf0390e073c087553578142a60239d6

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:45:18 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 01:36:57 GMT
server
AmazonS3
age
1781
etag
W/"5169f39b8d2e851ee11e1f085ee2c1c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
vA40TvpoxyVfQI2RGpAhh2tPzBWLF5.A
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
CDG52-P2
content-type
text/javascript
x-amz-cf-id
HuRZhzuKUnqijgRcyS9Yc0x4pXzqeMg3Y4oJiglIwngqsUOn1UqoMg==
grumi.js
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ Frame 4FD2 		211 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:f800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847ac095d407715f2712592f4c4becc5caf0390e073c087553578142a60239d6

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:45:18 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 01:36:57 GMT
server
AmazonS3
age
1781
etag
W/"5169f39b8d2e851ee11e1f085ee2c1c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
vA40TvpoxyVfQI2RGpAhh2tPzBWLF5.A
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
CDG52-P2
content-type
text/javascript
x-amz-cf-id
bydJUMWMkZp8D0b57gydTnbvZKFjRjZPhcvOlJGu1YypBSw728PNww==
grumi.js
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ Frame F411 		211 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:f800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847ac095d407715f2712592f4c4becc5caf0390e073c087553578142a60239d6

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:45:18 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 01:36:57 GMT
server
AmazonS3
age
1781
etag
W/"5169f39b8d2e851ee11e1f085ee2c1c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
vA40TvpoxyVfQI2RGpAhh2tPzBWLF5.A
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
CDG52-P2
content-type
text/javascript
x-amz-cf-id
9LZL2gxR3NHEaGMQ0xgakulsjO-0VB0GBWE33bvPaEyjYWjFluh63A==
grumi.js
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ Frame 6BB7 		211 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:f800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847ac095d407715f2712592f4c4becc5caf0390e073c087553578142a60239d6

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:45:18 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 01:36:57 GMT
server
AmazonS3
age
1781
etag
W/"5169f39b8d2e851ee11e1f085ee2c1c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
vA40TvpoxyVfQI2RGpAhh2tPzBWLF5.A
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
CDG52-P2
content-type
text/javascript
x-amz-cf-id
eUnMiAGml3_LJ5fVWtr6Nfve4qdSroCdDChsTXdeGEAxdh-nHGTU7Q==
grumi.js
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ Frame D587 		211 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:f800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847ac095d407715f2712592f4c4becc5caf0390e073c087553578142a60239d6

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:45:18 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 01:36:57 GMT
server
AmazonS3
age
1781
etag
W/"5169f39b8d2e851ee11e1f085ee2c1c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
vA40TvpoxyVfQI2RGpAhh2tPzBWLF5.A
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
CDG52-P2
content-type
text/javascript
x-amz-cf-id
vxIsFDPhpoagsVc2fkRIPDaP-m5vB-yqszjmDqsl6ouTtoMrVubTow==
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:14:58 GMT
bulk
trc.taboola.com/synacor-tdsresidentialportal/log/3/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/synacor-tdsresidentialportal/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=4
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
61
pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1622600098.249440,VS0,VE61
x-served-by
cache-hhn11524-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://portal.tds.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/synacor-tdsresidentialportal/log/3/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/synacor-tdsresidentialportal/log/3/visible?route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
67
pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1622600098.261763,VS0,VE67
x-served-by
cache-hhn11524-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://portal.tds.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
9560
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by
cache-hhn11524-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1622600098.261738,VS0,VE0
date
Wed, 02 Jun 2021 02:14:58 GMT
x-amz-request-id
BZA2MM8GAVQZA74K
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
76
x-cache-hits
1756
json
trc.taboola.com/synacor-tdsresidentialportal/trc/3/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/synacor-tdsresidentialportal/trc/3/json?tim=04%3A14%3A58.259&route=AM:IL:V&lti=deflated&data=%7B%22id%22%3A62%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_4e4a9af4c6a9aed722263864fbd94e45_0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20_1622600096_1622600096_CIi3jgYQn_RBGM-1gtScLyABKAEwKziy0A1Ay4gQSPqc3QNQ____________AVgAYABosa_ptcr9986tAQ%22%2C%22ui%22%3A%220b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20%22%2C%22uifp%22%3A%220b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20%22%2C%22lbt%22%3A1622458655012%2C%22vi%22%3A1622600096463%2C%22cv%22%3A%2220210531-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportal.tds.net%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22ccpa_ps%22%3A%221NNN%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5500%2C%22nsid%22%3A%22synacor-network1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-r%3Apub%3Dsynacor-network1%3Aabp%3D0%22%2C%22uip%22%3A%22dcc-slide4-js-v2%22%2C%22orig_uip%22%3A%22dcc-slide4-js-v2%22%2C%22cd%22%3A274%2C%22mw%22%3A747%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
68a7e53a99b0b3d5d98b3cc31bdba1faad3067e07c640d862da60a65c02ec28e

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
155
date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
gzip
server
nginx
x-timer
S1622600098.268995,VS0,VE155
x-served-by
cache-hhn11524-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://portal.tds.net
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
init
gw.geoedge.be/api/ Frame 53AB 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:6600:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
CDG52-P2
x-powered-by
Express
x-cache
Miss from cloudfront
access-control-allow-origin
*
content-length
0
x-amz-cf-id
IjmjHR5Ylkb7dkMLgyHfGojHBxsj7L0DWWafrVEo3tLHv0kTiD5etw==
view
securepubads.g.doubleclick.net/pcs/ Frame 53AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3SoRiNp6PU8CkmVrKrKc5U0anxoMKEg8mp4pzuVrYHB6oWP7yEKI5ueGY3EPi7WfbHGCvKy8dwzNrmeT9QQUJ6P78OcKo8gRLgQCE2riqjE_Wpto5pWmC_YtRmQy7XTrT_d_DJQow-TgYvtH9vGzfTEX2lhUwCEWqUXxvBUeGLq2RWSFFBgGlLM7KZlgbQXJnM7T614gfPHZZBfT8KwfSSYMXF7_d1D8L74r8BdpZk0jRp6m-FchwOPk8YykCSk2k6-V2GXa5FBqdSidS7h-bIh3Qhbbmj4kohL3Y&sai=AMfl-YT25lR7fPObe5olZNOO4xkQV--LtIRr-M7tBy8akgo6PfRBy_5mALCvwFX705I9Mt7-v6FvfQznukapCTiuIXDca8Z5iX13pSaq7CqHMKdgs3nbmVJQa5RpDxw-YyI&sig=Cg0ArKJSzOYHlSgddg_dEAE&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 53AB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:03:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
13581262519725736155
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:03:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 53AB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:02:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 53AB 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:14:58 GMT
14944451173188881356
tpc.googlesyndication.com/simgad/ Frame 53AB 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14944451173188881356
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c557ad7722d641a3231483ccf17eb24177be66b7033f03031217613bbf90f07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 07:21:42 GMT
x-content-type-options
nosniff
age
499996
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56832
x-xss-protection
0
last-modified
Wed, 27 May 2020 18:25:52 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 May 2022 07:21:42 GMT
init
gw.geoedge.be/api/ Frame C657 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:6600:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
CDG52-P2
x-powered-by
Express
x-cache
Miss from cloudfront
access-control-allow-origin
*
content-length
0
x-amz-cf-id
YkGPkIUUyZ9u7f9SDBUEmG8ZtxHj4fQFf2fJPsKcaG_PEzAW2RY7DA==
view
securepubads.g.doubleclick.net/pcs/ Frame C657 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsut-uX7FWbbkZ-rcV2BogOwbNHwXYxika9BCQmpT-j72gI7Yk9bJFA5reQ-hwPeNcEoUsMJP58YMoMRD3SFP_Rnxq4YRANT9cuL17FfuMTqZY03J-Rvj42bmr_DdRD9COy0dnQyYhMpN9KwIXXxvFXNL7-cMdwoLU5fl3G-XxjhmHOBc3DJeuR5NPjNt-_-E8HXF0ABZjQJFbSnqfY22cooT7c0dgNDihzsA2C2Suwbh_K4zPdIvzNUftBZ78oAqW5TLfaznPNiuU5Ea2Hm-7PMQnwwXgJ7NxMWqyg8&sai=AMfl-YT1HvPDZ671HExYIcGSpCXOLap1z9zocn7Znm0l1QlpU0Sv4fWRKpvU-rwbvAvDyQKa9ZZKexXad3V_qY0x1usVDBcg8FPw6HG_Ski_nPqx5DNv3In4bGNgaLmQGQA&sig=Cg0ArKJSzF1dHFDolcxREAE&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame C657 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:03:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
13581262519725736155
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:03:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame C657 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:02:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C657 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:14:58 GMT
l
www.google.com/ads/measurement/ Frame C657 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqX-sdBAcFzP61M1T7EO6JTh1j3FdwKHMROfSB3OmdYqNOI-x1RuuffluiBzXDx7ro177Q
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6726842172134798050
tpc.googlesyndication.com/simgad/ Frame C657 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6726842172134798050
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25accb6c30b3ce1e5dbce1be7ecbd995cccf31f3bf452880c9109f99768712c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 01:05:31 GMT
x-content-type-options
nosniff
age
90567
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105463
x-xss-protection
0
last-modified
Wed, 27 May 2020 18:30:31 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 01:05:31 GMT
init
gw.geoedge.be/api/ Frame 4FD2 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:6600:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
CDG52-P2
x-powered-by
Express
x-cache
Miss from cloudfront
access-control-allow-origin
*
content-length
0
x-amz-cf-id
mDoCWrE_2CGYpGcTdWvBWV_CSjqPjDq4FHk3kVxsouGgOCa4PUjrRQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 4FD2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunpsq7tFofTBtfNbjUIUTPc0_DG0jSTCLIhFb-rGLxlaGm1k4SGUvIdYAN-5KTHQDLSPFPfesRvujmMujAQBDArfw81JbxD16ELIehQE8YL8JlA3R_qkFefxG3oCEx7DMbkDgdZoPfr5pCckukYoEyqIJ2Po8Rwt5HJlr2WdpfUdWWvGAU6Acrg9AN2XM8d81Y3RngHEfZHBAh8zSJPBypnwbNVEK9yjPLMJ74zC0zE2LRE6mU4Bq2X8852-Gav-Ba-61MV79Y5-FI0DKqL0cLkOkQhEcFnPpsojHK&sai=AMfl-YQ3MVspoN1wIWfLeUZWGp5LqPT6aaCo7olK1kAnoiawyu1vZcxZTJif6nu1rcjUWo_Oqa399DJirZonEyWg0IKrI3phWJ2uM_yiQPKa1U8G_x5A3N-QWWbkTRqckbE&sig=Cg0ArKJSzLrxTVTsoXsZEAE&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 4FD2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:03:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
13581262519725736155
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:03:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 4FD2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:02:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4FD2 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:14:58 GMT
2619584075306583721
tpc.googlesyndication.com/simgad/ Frame 4FD2 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2619584075306583721
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6e99a33a6e79c03b4f01763c9b6387672be4b1889988a91ac84d37b597276c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 06:55:44 GMT
x-content-type-options
nosniff
age
501554
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63645
x-xss-protection
0
last-modified
Wed, 27 May 2020 18:28:50 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 May 2022 06:55:44 GMT
init
gw.geoedge.be/api/ Frame F411 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:6600:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
CDG52-P2
x-powered-by
Express
x-cache
Miss from cloudfront
access-control-allow-origin
*
content-length
0
x-amz-cf-id
JRMg6_CPLXJNRqLf9ObVQN9I2xEwk1hubFuuxy7HPzdwkyPYehoDdg==
view
securepubads.g.doubleclick.net/pcs/ Frame F411 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmkKxLXaXoGL4KlT-hSQz14YqRVznP6pLrBxyaNNZRMosihy3iAtf-5cwZdoFZy7h3sgGBz2_tyJq1ZvMPqr0XUnLMOeTdGIba95rgYvYNcX22C1EIYefpHeS6BxbrcSsfPY0uPapCvi2ul_Vida__q_MEv-RfDBQk2glUkKK3dQJlmc6t7zC7pfMlfDhppFDiaPLqh8jWDGfDDx9YMyaY9YFcUoSlYzUXOf0PU9qPKqePsqSLTO8iYT6SRVhEXxT2tBuJswe0_gcH8ZXQMDEBBkywc2bPc11pvJbB&sai=AMfl-YShMrWZJ6lSzJME23AGXqdnz1ANdxJn0Av4Imu01e4LWA1Y1IIwqYo56dhU6c3aFd5u37dQVuo4YbrmfA_76fAdPAiMNDxHmnq4Y7pfGsOiHL4S5iVDFv3Xu6svu8c&sig=Cg0ArKJSzOoWyroZuBrtEAE&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame F411 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:03:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
13581262519725736155
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:03:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame F411 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:02:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F411 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:14:58 GMT
l
www.google.com/ads/measurement/ Frame F411 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTo6RAac3YOI8A2dJF4rythl4lsjfblt2KaalY0EZiHCABsnDDXe-l597NN5uDHCbGpvBsB
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
10289694241826136562
tpc.googlesyndication.com/simgad/ Frame F411 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10289694241826136562
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
862ddaa83471c525dc8abe2e478c2e5cb012ad260830d1b00e626396cf403da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 06:48:52 GMT
x-content-type-options
nosniff
age
415566
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97177
x-xss-protection
0
last-modified
Wed, 27 May 2020 18:32:16 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 May 2022 06:48:52 GMT
init
gw.geoedge.be/api/ Frame D587 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:6600:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
CDG52-P2
x-powered-by
Express
x-cache
Miss from cloudfront
access-control-allow-origin
*
content-length
0
x-amz-cf-id
4tDFNQlo7hRIl9nsQPu6nDEfQxnifU4Lh_ZWxv3EtFSDR7sy17RYKg==
view
securepubads.g.doubleclick.net/pcs/ Frame D587 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunbyRc-Fj3oFcqQpip-eImarzlW-nO_VIdwrG4V2r66RspH89Fw30tvCIIqqwKWPPEayH4vzAvRzIpZCu_yBuvrNWESFkgOFV4q90NqlwPirUY-UTBQK-sX9x16dT8uflFq76YuCktp-UJkgvgDs3wbrlRd04Xw-8HUYaV2qcB8vGq_8z4WkgmN9Px4NpUBmOfWXA2bGxwUSJkUUWBNMhU_mXngDOZvGeLagrW2JhaUHNSiNoOxG236MPXuCxgeHKZj3o1GZ3iAn2Jgows81quB6Yz_eDZHPjtaF5kRA&sai=AMfl-YSh8-dKXlLXLSFDosxa0LQLtEZ-Bdst3Pamf_chx0UnB3XlFnTphByzOu687CIImlbAYzbBOlrQYxz6oPASiYHh-GyPxU21ld_SLYBKOvIANHLgMaDyQwTiFEca8_E&sig=Cg0ArKJSzK9YPWMDK-_2EAE&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
loader.js
cdn.taboola.com/libtrc/synacor-display-network/ Frame D587 		84 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/synacor-display-network/loader.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7057dbd0c1b43c05a70dc5a953ba9d83c8ced2eb7a49daf9fe4bc29a0b9aab87

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OQzAIfuS6JO4wjS0RspRjqbLh8msDa2d
content-encoding
gzip
etag
"a3a36f41eb5b9034beb0bd8d1e6eebfa"
age
0
x-cache
HIT
content-length
20583
x-amz-id-2
hFHWXOXHD7tscYTYWLpp4KQg+eITKjp9j8zisEF1IqhQ7jykTbyljgm7PkFwPCJEwSvjrk0IcX8=
x-served-by
cache-hhn11524-HHN
last-modified
Mon, 31 May 2021 10:56:27 GMT
server
AmazonS3
x-timer
S1622600098.327738,VS0,VE98
date
Wed, 02 Jun 2021 02:14:58 GMT
vary
Accept-Encoding
x-amz-request-id
8EE41T5XRDNYN5YQ
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
73
x-cache-hits
1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D587 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:14:58 GMT
init
gw.geoedge.be/api/ Frame 6BB7 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:6600:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
CDG52-P2
x-powered-by
Express
x-cache
Miss from cloudfront
access-control-allow-origin
*
content-length
0
x-amz-cf-id
2GcjetEdUWK0dr4nDRRqF_2GrQiF1iCuh7ZR1bF-uY5ywiM0HWByFg==
view
securepubads.g.doubleclick.net/pcs/ Frame 6BB7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvllpbPfWb9l-BnI_5NPte2iaQa3ICfg5CkSbyI4tpzrHBZ-usaucIT0pUKtfcI6OomuWgkpmvrBH0BPC3w8vupCcS3bOd_5cwBeH-88g4yqJ9SshUEy0-TcX0ZmNhV3WhnKRhaWi4gzmYSVAPlDkylZU5mckXjgDW-j6joaHuJJ5BUh3anDo3E3iwX2td2ddIFB-SLPZGQaFElNquYKK9mkw9Gb-P_Q9BkGbgxna4ZkWel7Lp-U2LNLxPMREytmpLXLPjlYrGJSSrWD0ATMTRE-UxtfQsaS2shK5PY&sai=AMfl-YTqG6l1ZX6FPUvsprbBa4u1R-sJpEblq64SFEfo3yOKOpq4oHBy6bjQ61ZDdQnu2FSRSMcAU9ItFZeW-wVR3CxryaL4aIbI3CkxA99xGcQrlxbaHmus4vCYj6LF6do&sig=Cg0ArKJSzDTkQEY2-QqvEAE&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 6BB7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:03:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
13581262519725736155
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:03:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 6BB7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:02:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6BB7 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:14:58 GMT
l
www.google.com/ads/measurement/ Frame 6BB7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZlt6X6PZmOniUKZGciiTPtOrM74qKsDMJtTh1chrbAU5caJg9PQ4aGgYf0J9Zehv9zc5J
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1696492806622160995
tpc.googlesyndication.com/simgad/ Frame 6BB7 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1696492806622160995
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6110d2b61351378c20c51bdb27c214dfabb0c3220a5591cb5aa602b6f327cce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 07:13:14 GMT
x-content-type-options
nosniff
age
241304
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71623
x-xss-protection
0
last-modified
Wed, 27 May 2020 18:32:54 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 07:13:14 GMT
grumi.js
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ Frame 267B 		211 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:f800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847ac095d407715f2712592f4c4becc5caf0390e073c087553578142a60239d6

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:45:18 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 01:36:57 GMT
server
AmazonS3
age
1781
etag
W/"5169f39b8d2e851ee11e1f085ee2c1c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
vA40TvpoxyVfQI2RGpAhh2tPzBWLF5.A
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
CDG52-P2
content-type
text/javascript
x-amz-cf-id
5EAx70qfImwuVC3y--4hpTuPaTJvaKrs2AzMyKF3RgPYvFba4Ft6iw==
grumi.js
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ Frame 66DB 		211 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:f800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847ac095d407715f2712592f4c4becc5caf0390e073c087553578142a60239d6

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:45:18 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 01:36:57 GMT
server
AmazonS3
age
1781
etag
W/"5169f39b8d2e851ee11e1f085ee2c1c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
vA40TvpoxyVfQI2RGpAhh2tPzBWLF5.A
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
CDG52-P2
content-type
text/javascript
x-amz-cf-id
HGC5J_3cjs6CI5b20b_Yjswuv9prfjJieJkfg-4QOUQ-xVtn5Ey2Ug==
view
securepubads.g.doubleclick.net/pcs/ Frame C657 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOFwsoxOHeeYRRj-v1714lgokmwAyftxVUMtURKKqdiY3VXl19_mBJkNUQPtcXQpNwuvdHDUgn1mAeORsreCue8EEsxPJppdcJPE-D4v_-Q1Whcu6c0YgZxLm4b1_uPj05IgCqGjRYg1RGxP1XKCMCKbkpM5KFuYrxWuGB14HSdN_9y5v21gNtcqexGM6M5bqx22QO5Ri2Fk1v7GBqpCvYRL6XkL0zWafBoF7QNS2QlM1JwvPk6OemuL6vcVfHhGLLF8I-GiGmRhos-IOPAzffMLqL9tOvHTyq1rQhjqo&sai=AMfl-YT0E5Jv-MvuZH871g4dESO4j6jIN1oCbKnKTKcPFFV4EvSg2OYTnesQ-Wzoq1czFRndf_K2Ojr-rMEKVJRxevp3ga4t005wMn81upHt35TiGzWe1c0VAmF7RVSRt-I&sig=Cg0ArKJSzHGDFJTQpk3lEAE&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 02 Jun 2021 02:14:58 GMT
truncated
/ Frame C657 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd62addfadaacd04a6f53b473057ba75dbf2f363a21a496fb6d00ceb9ff21d94

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 53AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHZ2Xqx3eA5Adg3dBZtJ5A10HnsCZlHFiG79d2PXJFb3ZoW0ytTfXdWBQd4zlHzOZOreAy_9fTaoKhY3LaBQCObgGA4HapL138BXEM3XYFUelNMutyyHR3qwrPY8pd_ho9hzQXl_yPiPai46Q9idmOGnNtHiXGd1VJqU67PVhjWvGTawPm0MJkh-8gQ94jCxlzxabLbJ5hgDB7qTT3xcYcBnFkiW1vM-1cCMQD4wCQ0t9A8ibJH2-anF_LOaN-uGr-BmQ6XHXMIYjTA_loY8tN5CMlbViudwMBiMwNWks&sai=AMfl-YSydxIx6uaVxGTIsbBAJ6dJuEbXHaUsezSmHvYPKqQWY2dT-a3UXDYA79TYhMMwCpQH7KWi-__bMKcXAvDx_pIxm1iS6uq58dDxj78fOGW92oQg8GAFkVua0gYFDwk&sig=Cg0ArKJSzE20mzKKh0oREAE&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 02 Jun 2021 02:14:58 GMT
truncated
/ Frame 53AB 		204 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dfd3c54c42cd92ee7a8329c30edad1f1e49123cd04755de0f127fc7ada59774

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4FD2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYrF4_o5BihCuZEC41Ynt0eNL3TH6tKaXBvi7XHRhl22KLNQ-cPXRgw-SIm57ImR1BPCmW_zOw6D_Pdy2tlTqqJChcANgN5gAOKBsg_ZuKm0cf4joIpsy-fKdCBv8SqmZWX9-V5FzclhzJW7omF_BJWxEduoij3ZAKxjUw5kG26Lc-DRYiVRNJbOn1pfhd136li1_WG1WLU5Q5f9VMzvKjIPuF9t41A04rk84RRpb8_6VAduo-ZGsChkpeoswPv5RxvdxRAW3j9-_zEFbz-JLaEGaXm6mJi5-p75jLSqg&sai=AMfl-YRR6ctS-UxuCU69gPj8v9_iwC5L5F6FBV8--8JkhOrJoshDb0YI7SZj9ziO5O2O7SNE_mRGI5xbvNQ6WxVJYVy6UW1MyNPyCiUE_4xboSZFmu7NYb9ZkQuJrmk3JA0&sig=Cg0ArKJSzLRAxve7Fq2IEAE&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 02 Jun 2021 02:14:58 GMT
truncated
/ Frame 4FD2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ebb2cd0dd16ca99e4ae36a42e6a5622e55da85503f9857915ff1b545a00316f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F411 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoHoFYOFyy5NRaQMUvn_eRyZeMYmDiN4NrhGFP0C3v4NkfXeXAw35a1_jk7nSxT5gBUWMfhHK0d7Lel7KMf3U2g5dWacEwysCTpSj4wT-1Mp2hL6TS6dlMY9pESHykWYLQ3Csw16x6j7j1JIoFZQ3xVbVM1GwqYb8mPZJg685y4FfQKymcc3BBFq-LdruU30Tr_L3aE-M4SBzIegl1p5K8fwS_M4cGLQ1JwKURtTswiMeVf-3fz6_v5ly5HJnJj3O2R3zj9s6LLBPBohzou6oO1FsGxRgoVC0a9HtZZSU&sai=AMfl-YSliqeKKezimFwgWYMtiadP5_-UiAf9KUKzDPjH8agHvpoWEYExDIQzsjs2-T859-J9M7zeD1a35AH1NUfB_0x7tDGm6Sp3xo4noA86BnA6B2LtHy0aqlYnkjO3UMs&sig=Cg0ArKJSzBAS3m0-EqLTEAE&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 02 Jun 2021 02:14:58 GMT
truncated
/ Frame F411 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1874468f24e2c482ae9d25e2c03a7c45740d2546d97cf9cd69c99f91879d36f0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6BB7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbRZGUwHEOXUORZOBXyS0CgQ2oPSLZC8HB-tlso9QqmBRht3lkTZA7Eeb9Qgr5tML-csS6KH_NrDjuKKPHOK1wbf4Qtbuwi0eMLcj77HOqa-f3Spsr0-wyQ_R3LlhAxfZ6srEdykT7k0cPZF_NzU3tIhiXkTsMdkVhBkNnba3DnpBc3ytOnLSnXek3hmXGfwo6h8ZDOaAKr9aLTt4JnKgFVaRZYocbNZ5qf6sREtl2ytwjnIbZUvLiSYvhFmVaQptMjCXKl1M3i197GvVr_teUinXcYC3E7C1-ejgJuMQ&sai=AMfl-YRFRa5ob8iFmCfR47kwKCYQpG62yuIon5Q4TWa2m96QCPWkbNuAj5kZjXRPuxpbScJC_ObmdQw7sbygjGRWw5y9drtzPfH1Zy3QNQj92sVZZq36O--X6McpQpFVXlg&sig=Cg0ArKJSzMgIqCO8XfxLEAE&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 02 Jun 2021 02:14:58 GMT
truncated
/ Frame 6BB7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e301fff55abbb90982e67451995f9b0ed0eceda3ed7e1f022af6b0d3c8744ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
a7d05af5e60e8707568c7b40b90566cc.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a7d05af5e60e8707568c7b40b90566cc.jpeg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c93c763b93788481816d304d396b093bfe4ce127210216737b8bb08ebcc0121d

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 varnish, 1.1 varnish
age
2398997
edge-cache-tag
338482543424149532371254866430263034576,296976295446780505124068076499017006972,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a7d05af5e60e8707568c7b40b90566cc.jpeg
content-length
121576
x-request-id
34118e38aa312e52203eddd4b601d0af
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 04 May 2021 13:48:16 GMT
server
nginx
x-timer
S1622600099.644796,VS0,VE1
etag
"42256673ccc496a02fd22ecc442de297"
x-served-by
cache-wdc5562-WDC, cache-dca17726-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
impl.20210531-8-RELEASE.js
cdn.taboola.com/libtrc/ Frame D587 		493 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b92f05aef3c172d5c32bed5cf316731f7f53961622b772bf4748838de45f4737

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JXR2p9zuqYJfg3304ler9RZ9L6OK299t
content-encoding
br
etag
"82b2b53fa1482cac80e0c9ac90541df9"
age
27006
x-cache
HIT
content-length
115699
x-amz-id-2
taCWrBBLd9yhFPoIO+zrR0vuAlveVojHnrj9f0Q64yYGhSm2fH74KmZ1+Mp5gnb1nSCHfkPWq94=
x-served-by
cache-hhn11524-HHN
last-modified
Mon, 31 May 2021 10:43:06 GMT
server
AmazonS3-br
x-timer
S1622600099.649600,VS0,VE0
date
Wed, 02 Jun 2021 02:14:58 GMT
vary
Accept-Encoding
x-amz-request-id
4PS250W0D7BPKZNK
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
76
x-cache-hits
121614
beacon.js
sb.scorecardresearch.com/ Frame D587 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-71.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:06:45 GMT
via
1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-length
1469
x-amz-cf-id
2ncG592BDAKUV6fW1YllJVG7v0ejWvSZBp8vFesPCVXNJvE98_1RDA==
truncated
/ Frame D587 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5584e3ddf5f6732a18a1ddda2f2825169918c19868c82fb00f0b9e58902b0292

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
init
gw.geoedge.be/api/ Frame 267B 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:6600:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
CDG52-P2
x-powered-by
Express
x-cache
Miss from cloudfront
access-control-allow-origin
*
content-length
0
x-amz-cf-id
8xlakWximAM-bAh4JYzqvdZZjNvQ4MJDJxxlq14S4FUq7P8t5SH-_w==
init
gw.geoedge.be/api/ Frame 66DB 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:6600:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 16a28c0e67da18fa2960e2e414084d77.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
CDG52-P2
x-powered-by
Express
x-cache
Miss from cloudfront
access-control-allow-origin
*
content-length
0
x-amz-cf-id
tI_vKKMVnCEpU2DOV08LWKHgsRrDd3njaqaU-JGufh_V7guJcCT-Ng==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1115 		478 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhiyrKSaATAB&v=APEucNVJ_VOrBplKvWslw0srcR3eJrC3LtRn0Ej_ikVaAxb6EwRLzZhW8p-HPbguLitZkpbNcBsKeel8wSt8pf47K9AVx6S51Q
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMDEjwIQuMCtAhiyrKSaATAB&v=APEucNVJ_VOrBplKvWslw0srcR3eJrC3LtRn0Ej_ikVaAxb6EwRLzZhW8p-HPbguLitZkpbNcBsKeel8wSt8pf47K9AVx6S51Q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlnT71ErJyflgcdPGJZvrdBGuuARaBf1iEgONtu-MN821QRFn7aHRyWGOK7_lY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Jun 2021 02:14:58 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Jun 2021 02:14:58 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 267B 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DL9-_m7WDwKOTjaKKY0i-bTUils3v-cgceOl1qGWHejPHBIvSWxut-YCURYF4CndeHbaWAnrbjMhw32sv3id0tWksOFJkjBvjlFwk4MJ_mCRmYpu_G0HpVsn1swdoGGwmzMomOQ-uxMrdKliueBpbXxkRTKA&dbm_d=AKAmf-A8GVUeFGbVo3CW-egq2uGcEBRAY4kJeXBf-JxH3BldBumP1G_ZHoW5OG5o9OI8tPij1RpgRw_qNEgViDe0GSGYi7lSZkCcwVG9MPHBCPU6EAdRCwWWjiNj69ZOPgUsFHlrR1oT-jUpdOx9PuRlst0cOuV-s6Re7bq4k1HrSJKeCl5ujHIVor7cxwtz68h8zZjv6A0UYWCrvICqsJolM_kh4Cxx0SpjHB_v5JG9FHkmntnZLnKutSZJaQ5Tu-TXaWu8umfgJ3HwKUmX5oeUu9fGmdpdCQwQAN7aB1c1X1f5D3Mf8RUT-40KsfVcTxiGpDF3z5KZ0ehQBLvM4RkD9AQ1eldsvkYz_HbvEvbrxg53PGy78JenJSf8Bp99Aa4uS5C09azuINlUS3bgjS-UCCsp3wzI1kAbI_cZ2XAyJXBJ0PU-nLzkqulUs1zFnMEfvM3JVRMdjsYD9KDMn-Y-Im83cqb3S_iZPmj8PReGN07-r1IOHPfN0leSe9HqZy7pST4KfyGvKHvNrOSH2_tJhlkdTldKlpo75-D7O2XkT3iwbOg3Bk9RyudChUY0GsS29JcxNYxyEb33vjB8KbVqU-fPrKA2kAeWhrt1jdlZ5iNWhLZ_NW9hiX_LjbaJMbqks7B1SZHfhMJ4nHzs_XCePpQRv2E0QyA0qQCWu5zhIX2svz17KlXqPsVPqaYrZbgjtLSIP2J4hNgLnbnAZcr-voLdSx6YTPaX-k3p8C0ZTZWh-8RZ4gQSLcnKyKWiUeTJhYThc14qL_4Bqv4CSbQmInVtWZyOjNCA8K3y80Rn-426r1MsiA56Qn_XzDd38np0paeHmeb1YX_460uI2RqVmsaZ26vjuZIBMi3a5NParY4iRQEvuZUiTvqZHojmQ7Sg6pw6e7BADCn5uw1Fr1mRHvu0KE7SssSdW0eGd5aobYwIbWw2w7LZACGuek6KL4L-Gct3kYyiI4Vsd_EzdC6CP_8zHo0YhKyFTIRXI2I3w8mgSqFQqVIvMAtnVNxoUQWZBGZSFm--ctKs63HFe10h14_kqoFZxmQldIE_Qh2JafOq82VtAkdRkUm4jjXMFke4ul3kSTwKW0gR0dzl06cKoJKBSBmEUm4L6Vx98O7bjthhXK-poZMtZMSzLOOYcYrrk9RbY3Jv6hQZauvNdwDE5M1u_QKTBChf4P8wYkdzpCPVtmDSFt0OyJ6R0TkqbQK9QS5VaoCasbruY4z8EXO7zUOIbh5ZGqSsEGm-N6YfEFLigCeU8AhuRz5EgoFttP0TOYq9eKzn3i1epQ89bpUbl1uC-neouWinsfcIvw2CzNy91PyH4RELxANLupbVXCVopYqYbZw-7xUAkLJTtCirbqli1XoLvPO7A3tOZLS3Zts1uf_hRvpNXwypprq28dCGMPmca9nWw9_MdN285AyY4EYmKxElMTcZr2RpKeTmzlctkljrZDZ-C-9p85vuxdn9he46T5P-2-v4h5pUYqO9ot6Jq0ihTHuFdYVlaK1Brbx4Tey17MoaFwMOkO5x94UR-05ejHddFaRNzbuJ3zVHwjH7bO67c-PE6iqmkzlzxYHlE9ZeOGAZLc8M1jK7xlOk4utIGKSAufdy4jlNhtuCPqsuq-M0YLHDw96KN2ecGcH0AGHD_B9btI5rItHeL9xHR0_bu1NpMPnxFMYzaSeR4lJ8c7gOCdlALKKbhs0YSE-OK8yg4ebA4H7klbZYoP6EVC_tazPnF_mCyrp39YS6_DosxS039z9ZSzr72E5R0iraqAngw6cIxhcKreqFq16fiR7-nqs2kNLyzicGCeeSvzRJiUJDyk_woRnHbVCRRyFloELJ_Poa6D353Wazmc9TRBmKkIbprny5v1UiloVeEafK-9xLIazYgzx0O-7CUCNTkUc_UXqLm2AExAw7qf5R9KKfgkOPUsjJiwMAkyc6BbrnK_r8aEIEGaus3Rb7l_9Mh34-SkYyXAvtfcUSBzkDV6hfFPmyOK5ibNFWrs4Mnd2OfqpuZc0cp9gIgm416p8Uu6Shn746nXenArlN6YxpKQJ1tCFM1KF6eeWtHwUO3-cfBktP4u49M9wecmgao305zg3vedyVFHleErrmyhm1oQgqVA5Xy8rXx01QNMuWhnPmfBRuUGXdxaQz9NRnK-DKl2pGRqeuCiz6k_pU9cnS7OhVvy4Tg0sQ56qo3d2SB3i-WpWDggAr2M1wTV0qV1aCgBljJBfi-epu6wJ7ntccJ0ROe8hf4aAHqe8aZM8xJ4dsFrEpKZaUw8spDKGzNsID9KxlsMrfFWnmVM2jxnLPYeVED6l35VBPCHDU7jRZ3lsqhrzHW76irZEqYIjCJIJQtjumXBIfRcoK-712AcrK8IZOYg0jc5ZO1ZKsjBC9A5akdh7OMWtUM7jtyjpp4SAV0wmf_DFnTatNHa8C8D_LHP3dzlhZ-YwBKuELLL-a22n0n-r3g7K8uQDpOqXYOtZhQCLKp5A0mX1ivU9ryJpjgYKZIyAh8k4GqC0IB3nqDmYDOB2-X3cGB3r_5fh65ykUuhM5qEQbTPykXkLNge1CSp4Zad1EWMhMgZPPiWWGEDoi5lRYJC20QsZecNwLSkfv1eUlgl8-RzRS70XVGXorNmg2PjlPWKb6JttnU5kCwj6UFvThE8sKYJD71yGFYZP26mtm5WBMT_C_sb1x9mCWjbmP5N8VUOUQhn5UEnCTBiNmtFJuC-idyY66Clxqwktwy0F_yHUSVWRhfo6edny8mumHIk-C8RqMxfkaseme19xryrNtncyTiCXEvCunKzqlGmNoCDME4xIRYAX8yLlgFQXoU-dHBVFgH8HwlNOdxnVPMG7o5UOMm3pLRw6eoiR60exxYdOasT3PS7HmsEcURWsleNyKaa2exl8lOF92_druxHSonmJStqyebUKhwp5CAJv04nt_JgRrxgd9FtyGp18aV42yPDA1Zogr9EkbN-MDKbe425FdkBtUrSP3NXNCVQ7KpYPkeLqfFozScOYi2mXnaqotjQBCyzH5HWQRUcL_WxV2GUU1A5wjhqNaOtckAOck6vCDVadT6YONav9eFgDbvB3FxdsPNoSVP1EZvI8b5VGNJ7MhANpAv2nLyidYnOroIVnk8a_-n5_SIHHiji1AHZ__30SebmfB-9Kirp-WBu9ncnBM87Fp3QKUpreVvBmYPur2HyJX2hI4RwceSqtL64qlJqp35S0bk5xa2vLzcTM2R9bqsN_PnfF0J64XOcEB4AnvxjhnY38xe3ukr84DCNHDEi_Zlw7PK5CNhWramsrhtKtwia1K7H3sZ8xJEvT23nqRmK2CuUHxRiBnVW0sGPeP8MZXMR7PwnscRSjU1VCxVtHTNdAYHeLCStdNC8ng50I&cid=CAASPeRou4JuL9Sr3fwSTgPw40bcCiTIgPluigdMD-YoPdAZ5TAhjXayFb5R0JbM1iJ56r4EW40wN_a4fEJS0SI&rfl=1%2Chttps%253A%252F%252Fportal.tds.net%252F%240
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f92bd10542d5866ff293873f92c444ef6427b2ba7d6832fe6550138372dbc8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 267B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:02:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 267B 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:14:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 267B 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 01:50:27 GMT
l
www.google.com/ads/measurement/ Frame 267B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfX2K4KUlQ4CaFnchBmOC8XCEbRDfVUmBnP6NvT7nzB6F0KQpnAFNrDSTYjAGTy9zEM9EC
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 267B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-Ihh2Hp93P6CuG64vE6c3laV9Oc_6XvUtLdS4UKVzvS54-BoCrgpesuGEPMoqJA_nxSvpZ14Bazk54g_pncFLWumMxeH6mWBqaP3ui7XHg4Us4xk
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D2AE 		611 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhj5pqSaATAB&v=APEucNX3-hqJzAIA8bZE57tdCAiZOfnmoZZWhhBK_aOdA0Mhxbs7E13j6zRHTyB1NNHSOG-2y7_ZwzzcINv-mhmeNb4yIVLmIw
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMDEjwIQuMCtAhj5pqSaATAB&v=APEucNX3-hqJzAIA8bZE57tdCAiZOfnmoZZWhhBK_aOdA0Mhxbs7E13j6zRHTyB1NNHSOG-2y7_ZwzzcINv-mhmeNb4yIVLmIw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlnT71ErJyflgcdPGJZvrdBGuuARaBf1iEgONtu-MN821QRFn7aHRyWGOK7_lY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Jun 2021 02:14:58 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Jun 2021 02:14:58 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 66DB 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4jCRHtZNkBEP07-y7H4aYubPq9F1g7j0GoELTKq9MB1_Yc-cqlE90EKeyTIYPiuJOGSu9Q9DgOVh-mZtXNnK8w94FpakyWnqGjA5voKUBQ8OaDLvJuZVKfDUVCbBl1J34eG7jZU4ar1RkN-BiAx4eHOGwjA&dbm_d=AKAmf-CEXd7BTfdfi2tMlfqsmHNgtHQyZLBQwphMJw5LhmNVuinQFU9QSjXG3mFX3j2KABHFCZYSv5L7t7TbsbIKfZE2b6o80XVRlxLmDAc-su53g_PShmZ08qfie0CORFv00iw5UD2hRTv3RDrfaBNZ63OLMyrkPFCidBKr4KhI2ZaCY36fVndnO0KwheF-ZXkVjkndp4u3nnqjM5B0IvFn97Gff86_-49HXKLfca1DJ1B7aUwA0dYk3NeEuJNav1PBYQXCjhOwQ1K8OuEouXjKTmXywZNopJJ3jraOzUqqtwp-QvPMFFWY6Rz9SV0nJHwsmPp3nDLp5UePgY6TBpJyyNbZKtItswF3MCKp-YMO-oihGU-m055FxMFDLKu17eOsOpHxyU0Y7wsHOqL7ieBRgkf-cfZdD3GgCCOVOlSpMhMNzIZfttQDc2KLlhso7cjHJQqyVo56HdwB6b261aUc_pyGtiaZg5aN8OgiRgDLVeZYd6_8BDlNdeKfwkK-YIa3LU1ro8TnQk9g9a876Y5vX1A00LFUO8o4GmJXS26eYEZmLKW74C9A5LhBwBPLsH96K3KeeTPnlffu3DlMjUiaw-VtEmA_D17Gztv3ukKP7t57KtN9Xt1e1tuZGud6qXC24inDzI4lb8bQLcgoZ7C8u4rXpUjt7mgLnf9kLKIgMXbAHQF5D0s6VF3xkQcDDag_JPtM9TDGtZWAzLUd6qaoC7ltW2VzHndakQPnqvE5U7m3dKiSG8MCfPcIY3SAvzk2FXCQQ64lxKaz_JzW6xPK9sv1qtbC9hvqa1Ta9c_v0CjWW6TGfZCJl5E8wV1VbvjFCK24CeF4MnqkVzewo5RDIubpU_GGFNqIJR4EhI-J9r7UsdtpYnykTE7_CHj6fdLtN85Wr7ktYbOFKwmU9ToPXD1qTKaBI4lH-fHMZjm8MQTKFTYxeKDgV6ZwRqjjYoUMEGkyp-e8jnIYZf736BPdyDeb7Rg5I4ZyCHRqAvjL0qtg2GRaY_jOdFKhmIBk0ttUeY-djDu5tPxhvRSyKxwrbgOulnrb-fEa3gcarM-x3FhPvIEpM0cDEx4KbKS7MZ1SsYRnFi3QhAZthQi2w7vtakpOLTMdU_zHDFj2Fay0DiGBw6b4aLBrpp44U8t_Lm-fV9uAihqMjRjGh05njFpPZQm9bQF4sklOYWPACkKsfUF_5RF-yzT42JNZZqCsz9HJZENxfeSdo0vg98oPfV3F2GiHaLy85WINd55rThDjtG-D596_ShvPoHPMp4mA4lyK5DEfM7fqTilZj7woIHO8p0IjFitdXplmfRQ2rw-CYl0nh0IlhzfwQSyRJWTxGK-qd-_X05wwZ-cIMz8tBtCvkrLlQppp9Zqc89i-XA2PiuHyFV7sWVSfhTt6MRRMMVN4tNI7BH4emQKGmpm16pDM6Q5wci-3WOzJ0emtI68iNDZcAbk2CgoyRR-Ti8S3dXjMLJH9Ar25uihPH2CNUfUGAGl4YCqCWTDC5i8dzN4ovTsNQJqFnT4f9Hfr7uRpQ0NCLQbgDxNfT4lZLPGpPVAsB8I4CU9x4cZUi4o6-i7eS5bh45nIM1-ShAxtIdXBrVTr_S9h66vY23TYC01VATqkQaClW4zhxmxeg8Nlw7cQA05jDx0ZYc1eDtCrjZIdNoGdos30UFhezwFIVI94alfxTqGeJ3-pXwliFZfj3ZkaHEV6zpKg59Y4NLaARImjuYVxQUi-l-vqjqVqbE6AKEfBlA51YsLdsjAlgAweaPPPzD6ABjBPBgmzvdN07pPW0iQjk1kEz4kpuoNrX-lakwaLkqFi9WqrRiBkdqwVPLANm3j0gW4zuZjOTkKuUOX6I0rMNCyxW6Q9Q0XeUJ6whNra6tI-ZILoUApl-gwizCkeIAbiChKxVsv1r6nTbYOxki2rj0tDhPRIKYpbJ_2oMCfEokROnOT-U3hSyR8_7mb6irLwejohM1h_Igqu3DluzT6RPyD4XDS8HIouY3eDYTSxzFwxYBUqpsTB0ydFdpn6BG_Y_8gBL14WNYe6JII20W8SfhrdaGRUYC_BOm8KMUrGk7s3nhK2kBhecNwoK2ub4EEc9vfALBLHttSvf4xaHNZWu8c-K0PZoI-we5MaqNvfLheJqfuOMi7S0gbWk6859Uc3p6cFneysvCKNo9NRTnOMlpsXSpRavVXx_4BUYIkOR8-h9NfAnkbyPunNyzx_nnc3CsrEcuTeyXMP1WOlAPtAvh7TQu524aydJQNKXPwJeT2eL1bs3OVvFooh68ZFhdSLKQj3t9afwutnIbRFkFXaPL8f3o6e9doKs7LtQ67AnwC_PJAhT1RNBD_PWfpDZ_PNYSEKwID4447nZaD20lRds5EtqNMJLQARpl9wkm8C49XR5BhA0rdYLyTCpZR4NdqlrBeI3YhaZIRjYq6ecNErAlkdWdtkvT2BvtSLGotHUPM7Hye6KGEjHQ7W_O-dbKRKOxUiKWIE8MaE2bCC4WMxuONGyZyaRXbWF5D_JneppetWkGQMWq3FGbXF3odIEvSId_7dkY87-1hHwq-2ZQ40fCO6K2BUItiwk-ygN0VRydPUqI4dt_PA6mVW7CU8E1qQ8RFf3TUg_hh84kEl673GciYzlfX5peiTDiLHRKDxp9y3Ep55A4pZ2ksboqDPE-KrYZhU9U2Oz7k7xslP-sAo9tKcZgimBy5h9tC8jIc0bg0tJrrHr5sc0gjp7ps5V9d9GF7m60oDdLqQVe5WlYyfXJrj0jNv79Dek5kw-78c9bZ1CmCMHwsFRfwqYHvy70UEET1AeeMAjqDFLwegWE0OjFcoVYNJ2I4AcmBG4F3Jg_q3nUwXk0RRfTSHYMtWsVfvuR3AZGXThgNDF7xjy9G9jQRqTY-FLUYyJ3FQlrHUSZTJtSFlXg294l2h35tkfYRedJxsVh4YMZ8vAz9T7LzLdKyVbtu4pZ0-q8XndMS8-tyCwpux-Lc2W8c322yFSAsjKggvRagngChfryPoxXjc1GqNnlT2JczEylPLRKN3MB9CWouWXTVzCbjXrFxfkbKwRTk0oY7t9SFXd6eqAcblBMaa-CglBR7BFqYYwSe8k9ChBSI9TTSi6KZE5yY4jiFUsMqee1CcOI7gO2h8dX8K4xs7r71DVu-ej6cYB4XXWtH1ED0McT_vIJWBuRyNuhSQeELdbWoL2t-prWFZZiBFeFngklH3_wh5Yt_lrFrqyG9pQSUAA3iVOq17Fst0W_XheB6MOHmQgkI8ET3r-BVamKbZ43NlGZnX34K0I5J_X0ReNhTnIs2ys0f8OZtPA_p8IsExXqjR9P7US99uEcn5ATeIVrZ1m-_un-g81mrj-ipO9TE-mg&cid=CAASPeRo3h4nygjumoGM3IOXXMUuqyOwRylkDcnU8aOwZuuhDWPI5-WSLbz5c0TCmkqB5Gz0KlZE3HoxfOIfCpM&rfl=1%2Chttps%253A%252F%252Fportal.tds.net%252F%240
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ce01d86a82dfd41be627131a561762f9ca379fd891beff892918d893506477b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24079
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 66DB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:02:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 66DB 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:14:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 66DB 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 01:50:27 GMT
l
www.google.com/ads/measurement/ Frame 66DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQD0mKUO2D-St7ItGkuhI5xKYcSrqc0H1B2Siab_JfHRShJ1-9qXRkK_dzMyo6EH2Du6_tU
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 66DB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2lT6CFEOGrHWBkfHLGUQQGwhgEkAzHVhqZ2mWuSZ9o6iSjPsZvRQoSMFYFjgOD0nMhMc-mZRBpj_oXdtmDsqwDgmAYLjVjiHF0Md1vG-oQEy8ZQg
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ Frame D587 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1622600098745&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportal.tds.net%2F&c9=
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-71.cdg52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
oh3AmsLwlT6C3zvjdDmO1h9GafrgHPBvg8g6mFHiHb-1LawOtbGUNA==
x-cache
Miss from cloudfront
stories-vertical-ui.20210531-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D587 		585 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/stories-vertical-ui.20210531-8-RELEASE.es6.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
801e8224bdf2e16111e12739e43c37f474377f17d90957e9358d2dc400efe48c

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
t5Lgz2h0ENy6RAIVx.AVybVe04q1.tff
content-encoding
gzip
etag
"f810ea09ff53b5825326ba77acc3291f"
age
105
x-cache
HIT
x-amz-replication-status
PENDING
content-length
317
x-amz-id-2
WHkITZpRhYCNAx1YB+8DjtfOHE2nc/sv5LotfgwVE+Dz4QciNaVzfAXPA0IzSDZGALDpJ1f5i/c=
x-served-by
cache-hhn11524-HHN
last-modified
Tue, 01 Jun 2021 12:42:45 GMT
server
AmazonS3
x-timer
S1622600099.768522,VS0,VE0
date
Wed, 02 Jun 2021 02:14:58 GMT
vary
Accept-Encoding
x-amz-request-id
5H60BKR9K62NQ52C
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
76
x-cache-hits
248
pixel
cm.g.doubleclick.net/ Frame 1115 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhiyrKSaATAB&v=APEucNVJ_VOrBplKvWslw0srcR3eJrC3LtRn0Ej_ikVaAxb6EwRLzZhW8p-HPbguLitZkpbNcBsKeel8wSt8pf47K9AVx6S51Q
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1115
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKe4tw6l70mJYJjiaFH-ttk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKe4tw6l70mJYJjiaFH-ttk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhiyrKSaATAB&v=APEucNVJ_VOrBplKvWslw0srcR3eJrC3LtRn0Ej_ikVaAxb6EwRLzZhW8p-HPbguLitZkpbNcBsKeel8wSt8pf47K9AVx6S51Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 02:14:58 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKe4tw6l70mJYJjiaFH-ttk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1115
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLbpoMR-9v0U88zYS2tDtAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKe4tw6l70mJYJjiaFH-ttk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKe4tw6l70mJYJjiaFH-ttk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhiyrKSaATAB&v=APEucNVJ_VOrBplKvWslw0srcR3eJrC3LtRn0Ej_ikVaAxb6EwRLzZhW8p-HPbguLitZkpbNcBsKeel8wSt8pf47K9AVx6S51Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 02:14:58 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKe4tw6l70mJYJjiaFH-ttk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D2AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDix4Mm3-Jw3b3FynNs90Bo&google_cver=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDix4Mm3-Jw3b3FynNs90Bo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhj5pqSaATAB&v=APEucNX3-hqJzAIA8bZE57tdCAiZOfnmoZZWhhBK_aOdA0Mhxbs7E13j6zRHTyB1NNHSOG-2y7_ZwzzcINv-mhmeNb4yIVLmIw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:58 GMT
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.231:80
AN-X-Request-Uuid
ef46f38c-beab-4ca7-b122-14e9bc1a3a3e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDix4Mm3-Jw3b3FynNs90Bo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D2AE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI0MDM2MjkxNzI3NzE3NzMzOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI0MDM2MjkxNzI3NzE3NzMzOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhj5pqSaATAB&v=APEucNX3-hqJzAIA8bZE57tdCAiZOfnmoZZWhhBK_aOdA0Mhxbs7E13j6zRHTyB1NNHSOG-2y7_ZwzzcINv-mhmeNb4yIVLmIw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:58 GMT
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid
a7a823ee-aba5-4a12-a14e-1e4a1ea4ea1a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI0MDM2MjkxNzI3NzE3NzMzOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D2AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPCVsT7i_CojIfyQV0d1Sek&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEPCVsT7i_CojIfyQV0d1Sek&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEPCVsT7i_CojIfyQV0d1Sek&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhj5pqSaATAB&v=APEucNX3-hqJzAIA8bZE57tdCAiZOfnmoZZWhhBK_aOdA0Mhxbs7E13j6zRHTyB1NNHSOG-2y7_ZwzzcINv-mhmeNb4yIVLmIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEPCVsT7i_CojIfyQV0d1Sek&google_cver=1
date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 google
server
OXGW/16.207.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame D2AE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWQwOWMwZjgtOGFiZC0yZjEzLWQzZjItMjEwMzYzMGI5MWU0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWQwOWMwZjgtOGFiZC0yZjEzLWQzZjItMjEwMzYzMGI5MWU0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhj5pqSaATAB&v=APEucNX3-hqJzAIA8bZE57tdCAiZOfnmoZZWhhBK_aOdA0Mhxbs7E13j6zRHTyB1NNHSOG-2y7_ZwzzcINv-mhmeNb4yIVLmIw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 02 Jun 2021 02:14:58 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWQwOWMwZjgtOGFiZC0yZjEzLWQzZjItMjEwMzYzMGI5MWU0
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame D587 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4L27hSogH-YdLcT3KhsKmCh7a67Tla0oZfUUs2A9ac_mhEhT0DJN8VccHzJZ41vkdA8zYXwljFjpVcrZKr53vbWGxfcVSCmjJF1ZqUQONfoOtGsstIXoOOZogvWG4WAa1IvKaMRVeWe6AoehEz-_ReHkLbPCydEH26YWya39-RorEoQfKJgz-bDJnlLrqNNQ6K6b11YwsoU5ZDkvoDF2nRe8KLsyXUC5wkIRPmRe7t3cOnGrkj81ELJyPwFz3OYVAsNtWOG6esIyyYrsKihcappBgsuDANqNjutQoDE06&sai=AMfl-YR-JBnidh6Ne8-nVz4ETiCMgG4Kg9qNV1cyFHrx1Mk7si93__HOKgWC7R_Jz0B0f41b4MJc-79Rw__bITpCb7e2ALfjzdBMLuzd2-j_wv9Mxax-pminj0XRjt8BS4E&sig=Cg0ArKJSzENINJilc7DmEAE&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 02 Jun 2021 02:14:58 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 66DB 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 14:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42652
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jun 2021 14:24:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/elements/html/ Frame 66DB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/elements/html/omrhp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 01:53:16 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 66DB 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b98a31a2e279e9ddc8c68c0f0d35a03fd6cabb0d4fe7cce8b5ea0f3d1f7c5bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13843236118941462489
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:07:53 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 267B 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 14:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42652
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jun 2021 14:24:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/elements/html/ Frame 267B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/elements/html/omrhp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 01:53:16 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 267B 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b98a31a2e279e9ddc8c68c0f0d35a03fd6cabb0d4fe7cce8b5ea0f3d1f7c5bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13843236118941462489
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 02:07:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 66DB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4437
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 01:01:01 GMT
truncated
/ Frame 66DB 		205 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b51f42868d9bfe9c5124da597422377759594505ce03ec2098833f54aac70e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 267B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4437
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 01:01:01 GMT
truncated
/ Frame 267B 		204 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf28835fc9e1080337fe625ad033146ef85252a60d17116af76826940baf1add

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame CBD4
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4117d4db-d2d8-4a03-999e-0b64825222b8
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4117d4db-d2d8-4a03-999e-0b64825222b8&tbid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&query=taboola_hm%3D4117d4db-d2d8-...
0
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4117d4db-d2d8-4a03-999e-0b64825222b8&tbid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&query=taboola_hm%3D4117d4db-d2d8-4a03-999e-0b64825222b8&isDirect=0
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1622600099.438771,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19169-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4117d4db-d2d8-4a03-999e-0b64825222b8&tbid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&query=taboola_hm%3D4117d4db-d2d8-4a03-999e-0b64825222b8&isDirect=0
tbl-x-upstream
10.40.0.195:10213
date
Wed, 02 Jun 2021 02:14:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13071
sd
u.openx.net/w/1.0/ Frame CBD4 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&gdpr=0&gdpr_consent=
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame CBD4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KPEU7BLY-1S-HNXP
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KPEU7BLY-1S-HNXP
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
58
date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1622600099.052626,VS0,VE58
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-hhn11524-HHN

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KPEU7BLY-1S-HNXP
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame CBD4
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=90f72f49-1fa9-5199-908d-8366f03b6ac0
0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=90f72f49-1fa9-5199-908d-8366f03b6ac0
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Wed, 02 Jun 2021 02:15:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12875

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=90f72f49-1fa9-5199-908d-8366f03b6ac0
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame CBD4 		43 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.23.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:00 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame CBD4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=52sTSFjyQHDX&ev=1&orig=trc&pid=562107
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=52sTSFjyQHDX&ev=1&orig=trc&pid=562107
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Wed, 02 Jun 2021 02:15:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12873

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=52sTSFjyQHDX&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame CBD4
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1240362917277177338&orig=trc
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1240362917277177338&orig=trc
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Wed, 02 Jun 2021 02:14:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13071

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:58 GMT
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid
9b4d3f9d-2533-4cec-a314-faacce7e999e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1240362917277177338&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame CBD4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKYB9qJsiFMCVOMrITb74Ms&google_cver=1
0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKYB9qJsiFMCVOMrITb74Ms&google_cver=1
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
53
date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1622600099.015289,VS0,VE53
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11524-HHN

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKYB9qJsiFMCVOMrITb74Ms&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CBD4 		42 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20:$UID
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:57 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:335
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame CBD4
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
tbl-x-upstream
10.41.10.199:10213
date
Wed, 02 Jun 2021 02:14:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13071
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame CBD4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=392c1730-50b0-4dd5-9682-00e5b40a3ace
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=392c1730-50b0-4dd5-9682-00e5b40a3ace
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
58
date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1622600099.023949,VS0,VE58
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11524-HHN

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=392c1730-50b0-4dd5-9682-00e5b40a3ace
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame CBD4
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&us_privacy=1NNN&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&us_privacy=1NNN&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&us_privacy=1NNN&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:00 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:00 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&us_privacy=1NNN&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame CBD4 		49 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-555c8fd69d-h2lrt
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame CBD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&gdpr=0&gdpr_consent=
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
put
e1.emxdgt.com/ Frame CBD4 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame CBD4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6615654a-c909-4404-90d9-22175b2ab961
0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6615654a-c909-4404-90d9-22175b2ab961
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Wed, 02 Jun 2021 02:14:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12794

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6615654a-c909-4404-90d9-22175b2ab961
cache-control
no-cache
date
Wed, 02 Jun 2021 02:14:57 GMT
server-processing-duration-in-ticks
1908
content-type
text/html; charset=utf-8
content-length
222
expires
Wed, 02 Jun 2021 00:00:00 GMT
8.gif
id5-sync.com/c/464/340/0/ Frame CBD4
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtYA-lSnditF4FYtKucndO49PXbs1udYm2_WyOg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtYA-lSnditF4FYtKucndO49PXbs1udYm2_WyOg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=8fb74b43-0ead-400d-b209-1296ebb3243e&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/5/3.gif?puid=e4a290fcd068ced9c56ed9e4d98d00e9&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/4/4.gif?puid=c8424bc3-e228-4d7e-bae2-6b13b8e047e9&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/464/108/3/5.gif?puid=e953c59b-897f-4d59-90d6-3aa685c01814&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/146/2/6.gif?puid=d59c04df-b7aa-4eae-ac1b-e4aef8869278&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOtYA-lSnditF4FYtKucndO49PXbs1udYm2_WyOg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F160%2F1%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/464/160/1/7.gif?puid=71431968016794203626855896836867177312&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOtYA-lSnditF4FYtKucndO49PXbs1udYm2_WyOg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F340%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/464/340/0/8.gif?puid=71431968016794203626855896836867177312&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/340/0/8.gif?puid=71431968016794203626855896836867177312&gdpr=1&gdpr_consent=
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:15:01 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

DCS
dcs-prod-irl1-2-v008-0985ea631.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Error
315
X-TID
AIta6R2nRR8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://id5-sync.com/c/464/340/0/8.gif?puid=71431968016794203626855896836867177312&gdpr=1&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame CBD4
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=QJxdiJLECCyW2D6bpOm2YA
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=QJxdiJLECCyW2D6bpOm2YA
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Wed, 02 Jun 2021 02:15:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12897

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=QJxdiJLECCyW2D6bpOm2YA
date
Wed, 02 Jun 2021 02:15:00 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame CBD4 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Wed, 02 Jun 2021 02:14:49 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame CBD4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=9afa73fd-a392-4712-8848-229040e385e3&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=249bf211-ef9a-4f37-936a-2a71bb268abf&expires=2&ssp=taboola&bsw_param=9afa73fd-a392-4712-8848-229040e385e3
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=9afa73fd-a392-4712-8848-229040e385e3
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=9afa73fd-a392-4712-8848-229040e385e3
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Wed, 02 Jun 2021 02:14:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12794

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=9afa73fd-a392-4712-8848-229040e385e3
date
Wed, 02 Jun 2021 02:14:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cds.js
cdn.taboola.com/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qAC_83v.ruQxT.EBjAF212Y3Xw1cEshk
content-encoding
gzip
etag
"fe3141b1cffc47b284c82d96b098b304"
age
429
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1181
x-amz-id-2
i42wDgzNjIRrbICyL56uZvk6UZlXA/ux6CF8Z618XGeUERc/82YlIPnWpu43Ye2+Lpy0hY5jQx0=
x-served-by
cache-hhn11524-HHN
last-modified
Wed, 10 Mar 2021 13:27:13 GMT
server
AmazonS3
x-timer
S1622600099.971157,VS0,VE0
date
Wed, 02 Jun 2021 02:14:58 GMT
vary
Accept-Encoding
x-amz-request-id
8G72GPESSN3T79N7
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
76
x-cache-hits
1377
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1CA6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 01 Jun 2021 08:57:58 GMT
expires
Wed, 01 Jun 2022 08:57:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
62220
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/9492030/1620201710760/ Frame 17C5 		17 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9492030/1620201710760/index.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa7760f893375b1e23837abe1bbd0b1c8f00468db0a763aedf41bef8049bdc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9492030/1620201710760/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
11765
date
Wed, 02 Jun 2021 02:14:59 GMT
expires
Thu, 03 Jun 2021 02:14:59 GMT
cache-control
public, max-age=86400
last-modified
Wed, 05 May 2021 08:01:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 66DB 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstXSvMrUy_tzr91scAu90uNAq-bWTkg4cvSXSP38rv7vG1nsXhIsACxZ85lX0eYFfuq-WDsJILui1sDZWkbimCM3WjgE6ENEJ_Xe9tZ9TWAbEst-24LLFvUVx1FGucIbq9p8BXtwD8Pfm3mNQM05C9_C2KK63cZI744RVnUuqPaa_9dOSRh67O2NfHdvPu0BmQHO35CygKgPT-_VdMM3Y2YJYUDXyq5G7ymDbySlswbkC_5bDENqGoUpfkHsjNIN2lBE8DEPHpjMP8nb59axoRS_GyE1kM7qcCfqv1szCAobJIXH5Kjl6UFQ515dPcWvIJjTj8qV4B92hekF0wT9RyIZn51r3qPs1jVrFWp5LUvjm1dnMrS7VOBxvaI903QX3b84DFgymUKiW1IZ0nBSPeVtJa1EsmpdpCzoYLcDyGMpg_xz1DDl7llOb0BT0P2b5kQoV79y5NrsbQMdhOWKKnByuPrPOkylKQq_PuuTalFU4dPSep6KyqtQCYTpdleFCwOv5hREeYy7cisDURcCZMQtLqPuRvl7Q2YX7TlRfXlFKA_uS1ThcX7d38Zf-nh8kcKHO_X6IHyqFMujrgtX2-gKEYZ_x31mdQOsygVb3fQ_x4yb5f4ZG83hIK7Db4ZhUn9R8L2Cvu87Of8UiHPeqwfh5AMPrNL2BgOCyGEfyjOFnV2f7BpjvnqfxVkBu_Of5q3_N4dM7MCyV7DS4HqVPo39zLcY9WGs1Dm8nBscJzUPuNZRq8cyI4hyt1l4p90RLFe0ekiN_tLQR7tQ4nnoFvhVDThraxoeFizjzMUekPal3rtTaf_o34wsorifhnM4VKessRvra_rNNWa-lz2bkLngWML5YstC0NjL-gMaYbt95pPKIMmslk2a_mrdU5twBwbFNsOaopcaMHGdrX5hSqmL5bJhiP8m0S_fBdoNoJJGCDlFSA51pAMB9tvLBClzOYC-0KAhbAQwyx2TbO6JzsN1HVnoCDjiikFepmV8JuHSejEw_jj9uPYHaeL--N5Fn0YzGNjrrtGIIGpWvxtoDhZsJSbQqHSDbHwvQBczbKJlMuB0y-h56hwU5ZHwJSIaCGznbD0C9u7j4NU3yvSEyDh5BNUjFVvnDh7kzfS5ZoCt6RgUBP_93PKe9zC0WbVhGflAvuaXli9ojiLORN7DsoRCoqDd-MsZUSMHe6p9cqWts0XNsOGhCqWYBAzvDoEYcZMyeYMg3P73fDrUnyC78LW9vo-6XpX0cQi1wxt-4W1e9HlnyxCVP9DH9EDQ6U5&sai=AMfl-YTFkMj71tsao1qUF9xQsslCqQS9pT9l_XMRUoN6TFM3HKB5-YPRfxscExzaJzKkKvKd2LgRUnl3Gf-ccup2eJhYoDvAmx5VCEH7eI0TgX11sVRQgr8Kc9DqqWKDHmViRJLAOYZXGFODQ3sMw-GX5gve_fB5aMkG00_6WLsV91ql4oVG4sUvQqfrKFZ1B6sV__XezLOu2o3Al5uqVOnCe1xuIxls9IOs1Ioayerr4w&sig=Cg0ArKJSzENtpbxgPIOIEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=136&cbvp=1&cstd=132&cisv=r20210525.59733&adurl=
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 02 Jun 2021 02:14:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/9492030/1621516504741/ Frame ACCB 		18 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9492030/1621516504741/index.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abddaf93a0ec51802279377c600ba00ce58b998dce34719fed724b32b6c731a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9492030/1621516504741/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
12261
date
Wed, 02 Jun 2021 00:02:40 GMT
expires
Thu, 03 Jun 2021 00:02:40 GMT
last-modified
Thu, 20 May 2021 13:15:04 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
7938
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 267B 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstc6nPO-AIz1YzBegkdKza_6mNDKZhg__Up83pjxruD5XeRbxswfoPDlTLLs8lwbVWKFPpY1DzG0yFk9XSWRU7Jy92JV7SHNoBKLGnq8n952ieWvbMxSIYY2ZCjW49u_7aBCp-4NBZ2h_ibTB2e3Im0w-ZpOHrajYO_y7z1tcab67qwCucg0JJuiqzGuthvOjoa-pSTxv-2RFxoqaqcTlWfHc9lfilXzwnsfOmPIbCMoaDhvSMZEPZfE0jKMF_swiQ55esNRI5AIrLZgmf7EZVaBmyTu4n-ZtXvhQcBqk3AlRltSY9gR_0y5bb2wfY73OIVlTNtVkZHPesgMVOQmVOElK-IvmltXkW11L6Tf602jMdAyjIBPfpQDPcQcthpQBH4XcpngJCSucUZvrnBCkVbzqseCFwKaqx1M2UpadFtiyDQyrWv5UJ7GEzPEpDjkljRKUEfSPaYSKz7hw9UkEh5esHsvamGwjehFR5zdpJGPLAIjCSSB31IbLW8tiBbSVFIC3j8jsT_rMkC_-KjbWncR7EDzX2H4lyezGMAhvdk1yOWkH_43dDyPtJZ_SctOlKMNCzi6FHlemPBEBSW01jJJKGaDnZzUEo_iUvSKxxCLTpoYmlifsnffHAOtOK5hr7nMCblOPRwvoGhnVNUyRp-CF0a30fnQ-EqKcbHakvZEUq-vMIGCURBZHPaOOYeeUjMlpFSmosLVEUTN5_6Jx4md7ll47Sbq3g4qjstulqE7WSKcyzWS5Ka8P8BWFVtjJA3S8MzTsAurX4WLc30njkdz2CrDMTUxQIHsINHWmV4HpZ3OUZdl6UnLTKiq7ekHLahYxAgU9AQaA29_SiNFQ1l4Eeo9sB7Mp0BiToJ5cf2bDcqN8r7AsafpKuu604BJNctn8Bp0N8T5HH3IxeZh6VEN9cY5c45vllQHgxjQi64SSkT-VtJpKWjSvRXKysKGln6axS1ymuJUINvhKDADd1jo2ZCtrUOS7dK3ORpXjr1lNF_p9ttTn0R_tKNyfO5V5C5bXRgnbAvbk1uu_tHKPALIvKxgDM1o_Bd4D_328gITJ_5ucL1bDRKhd61jk_dJckWkh7mMhF2e_A6l1j-8b6MpRYnf6mbZEy4fgRpvFa_ba1M6JFDhO-6XvPgth3YzwzLuFeato6MV-0j1xZIY2LOHY2J-u9iYaH_Gx6nII7u7d37DHF-ijoHoQciyXmqIm_ZYdPZKfnX9ABivyNHOf4LpVUXbjz9irFO0VIv7OzpcSk_4-iPqjYGlaA1Hg1pPbOerCLsunE&sai=AMfl-YRWpkb2kHYB_vKpFToH7jdgDFq4icJu5E8WTfMLlUxGZAN6TNFpM65UnhcvsEBs6CZDHvG3xr4BYup5KobxNZ5A20D5NeB8G3fubYLCwpJV4cfH3M-WDAFB8v2CIDcgzn40RFIFKdSkAd1HP-TScUIyesZIcVGvMU1kWz_tqv6BHCUhy5AzhY9VR3NgVYjcnppfXl6XO3VYIBumRoDbXlezBsOhh3c4mzNV3ooZ3A&sig=Cg0ArKJSzDWHz1yNYibHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=133&cbvp=1&cstd=130&cisv=r20210525.98628&adurl=
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 02 Jun 2021 02:14:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3333 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 01 Jun 2021 08:57:58 GMT
expires
Wed, 01 Jun 2022 08:57:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
62221
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
t1.taboola.com/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t1.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.196 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6cd5b6e51936a442b973660c21553dd22bd72ddc8751132a943475288113b4c0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:04 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t2.taboola.com/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t2.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.215 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4523540f1504cd17100c4835e85b7eefd49911580f8efff0599a8f283be6b9e3

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:04 GMT
last-modified
Thu, 21 Jan 2021 15:58:53 GMT
server
nginx
etag
"6009a4bd-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t3.taboola.com/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t3.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.196 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6cd5b6e51936a442b973660c21553dd22bd72ddc8751132a943475288113b4c0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:06 GMT
last-modified
Sun, 24 Jan 2021 15:03:13 GMT
server
nginx
etag
"600d8c31-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t4.taboola.com/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t4.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.200 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
323783be9a53a31e158ec9600626a4703e99f4e183bc1acb8772cbdf5c3a1ece

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:06 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t5.taboola.com/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t5.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.206 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
340792a7a42feffabbddc144fe4059013ff8af265ca9c3337933e0b633569367

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:06 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t6.taboola.com/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t6.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.194 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a953f09a1b6b6725b81956e9ad0b1eb49e3ad40004c04307ef8af6246a054116

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:02 GMT
last-modified
Thu, 21 Jan 2021 15:58:22 GMT
server
nginx
etag
"6009a49e-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t7.taboola.com/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t7.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.231 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:02 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t8.taboola.com/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t8.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.205 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
2215f50cb99824ed2786a5d12df72b5dbc304b85f28cd5b873b645cccc3b7411

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:02 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
pips.taboola.com/ 		64 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-hhn11543-HHN
access-control-allow-methods
GET
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame ACCB 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1621516504741/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1621516504741/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jun 2021 02:14:59 GMT
vF300x250_Swisscard_MilesAndMore_2021.js
s0.2mdn.net/9492030/1621516504741/ Frame ACCB 		29 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9492030/1621516504741/vF300x250_Swisscard_MilesAndMore_2021.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1621516504741/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
553ab608e10eb14ee6c9e0fb6a1bc2c2a72a95fd9299d05abba99e5e1b40458c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1621516504741/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 13:15:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19001
x-xss-protection
0
expires
Thu, 03 Jun 2021 02:14:59 GMT
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame 1CA6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
7400
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
expires
Thu, 02 Jun 2022 00:11:39 GMT
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame 3333 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
7400
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
expires
Thu, 02 Jun 2022 00:11:39 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 17C5 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1620201710760/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1620201710760/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jun 2021 02:14:59 GMT
vF728x90_Swisscard_MilesAndMore_2021.js
s0.2mdn.net/9492030/1620201710760/ Frame 17C5 		29 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9492030/1620201710760/vF728x90_Swisscard_MilesAndMore_2021.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1620201710760/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3dbbd3c786749369564e4e2f58dde7ba42042b20525bb83b2793d8ed2bea58c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1620201710760/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:42:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70374
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19109
x-xss-protection
0
last-modified
Wed, 05 May 2021 08:01:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 02 Jun 2021 06:42:05 GMT
bild.jpg
s0.2mdn.net/9492030/1620201710760/ Frame 17C5 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1620201710760/bild.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1620201710760/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
603cd0a6444d9e91a14cc8e48f4164aff5a3cd11ca4d4c46fc7f87f74373e1dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1620201710760/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:07:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:01:51 GMT
server
sffe
age
22064
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68920
x-xss-protection
0
expires
Wed, 02 Jun 2021 20:07:15 GMT
bild.jpg
s0.2mdn.net/9492030/1621516504741/ Frame ACCB 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1621516504741/bild.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1621516504741/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f1e65db5113c24c77695c16dd3584568c2d5b4cfd517ff5ad9869761fd4014f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1621516504741/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 13:15:04 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25649
x-xss-protection
0
expires
Thu, 03 Jun 2021 02:14:59 GMT
classic_amex.png
s0.2mdn.net/9492030/1620201710760/ Frame 17C5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1620201710760/classic_amex.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1620201710760/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87aa79a4a61a3faec88cb9f6d353a11b7ff2ed5198d5b896903a8f11f3158e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1620201710760/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:01:51 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8708
x-xss-protection
0
expires
Thu, 03 Jun 2021 02:14:59 GMT
classic_amex.png
s0.2mdn.net/9492030/1621516504741/ Frame ACCB 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1621516504741/classic_amex.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1621516504741/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87aa79a4a61a3faec88cb9f6d353a11b7ff2ed5198d5b896903a8f11f3158e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1621516504741/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:07:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 13:15:05 GMT
server
sffe
age
72457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8708
x-xss-protection
0
expires
Wed, 02 Jun 2021 06:07:22 GMT
json
trc.taboola.com/synacor-display-tdsresidentialportal/trc/3/ Frame D587 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/synacor-display-tdsresidentialportal/trc/3/json?tim=04%3A14%3A59.267&lti=deflated&data=%7B%22id%22%3A461%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3A%220b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20%22%2C%22uifp%22%3A%220b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20%22%2C%22lbt%22%3A1622458567843%2C%22vi%22%3A1622600096463%2C%22cv%22%3A%2220210531-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportal.tds.net%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22nsid%22%3A%22synacor-display-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-stream-c%3Apub%3Dsynacor-display-network%3Aabp%3D0%22%2C%22uip%22%3A%22Adhesion%20Backfill%22%2C%22orig_uip%22%3A%22Adhesion%20Backfill%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
71ce40829b74ddf7ce148ca3233176c6aaf65d008507007b078480084e0674bb

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
172
date
Wed, 02 Jun 2021 02:14:59 GMT
content-encoding
gzip
server
nginx
x-timer
S1622600099.277511,VS0,VE172
x-served-by
cache-hhn11524-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://portal.tds.net
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
classic_master.png
s0.2mdn.net/9492030/1621516504741/ Frame ACCB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1621516504741/classic_master.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1621516504741/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e65526c7ca60141914047471214be236295f408ad639e8b004602934b7d18f03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1621516504741/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:42:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 13:15:04 GMT
server
sffe
age
59562
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8408
x-xss-protection
0
expires
Wed, 02 Jun 2021 09:42:17 GMT
gold_amex.png
s0.2mdn.net/9492030/1621516504741/ Frame ACCB 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1621516504741/gold_amex.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1621516504741/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb3cdb6a0aefa2841c86d05d8cef3852c6501c0b82b686464520b026e1f003c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1621516504741/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:42:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 13:15:05 GMT
server
sffe
age
59562
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13046
x-xss-protection
0
expires
Wed, 02 Jun 2021 09:42:17 GMT
classic_master.png
s0.2mdn.net/9492030/1620201710760/ Frame 17C5 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1620201710760/classic_master.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1620201710760/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e65526c7ca60141914047471214be236295f408ad639e8b004602934b7d18f03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1620201710760/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:01:50 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8408
x-xss-protection
0
expires
Thu, 03 Jun 2021 02:14:59 GMT
gold_master.png
s0.2mdn.net/9492030/1621516504741/ Frame ACCB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1621516504741/gold_master.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1621516504741/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c411d4429be5880fffc48f9aa287f8c255416e29bbd4ea4306059388d6a86598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1621516504741/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:02:50 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 13:15:04 GMT
server
sffe
age
7929
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7851
x-xss-protection
0
expires
Thu, 03 Jun 2021 00:02:50 GMT
karte1.png
s0.2mdn.net/9492030/1621516504741/ Frame ACCB 		113 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1621516504741/karte1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1621516504741/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e72886efa7fdcc1efb5e820355a53aea0a67bc1e2455f8996b809352f6c5e966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1621516504741/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:07:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 13:15:04 GMT
server
sffe
age
72456
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
expires
Wed, 02 Jun 2021 06:07:23 GMT
gold_amex.png
s0.2mdn.net/9492030/1620201710760/ Frame 17C5 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1620201710760/gold_amex.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1620201710760/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb3cdb6a0aefa2841c86d05d8cef3852c6501c0b82b686464520b026e1f003c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1620201710760/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 03:39:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:01:51 GMT
server
sffe
age
81343
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13046
x-xss-protection
0
expires
Wed, 02 Jun 2021 03:39:16 GMT
karte2.png
s0.2mdn.net/9492030/1621516504741/ Frame ACCB 		113 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1621516504741/karte2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1621516504741/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e72886efa7fdcc1efb5e820355a53aea0a67bc1e2455f8996b809352f6c5e966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1621516504741/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:42:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 13:15:05 GMT
server
sffe
age
59562
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
expires
Wed, 02 Jun 2021 09:42:17 GMT
gold_master.png
s0.2mdn.net/9492030/1620201710760/ Frame 17C5 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1620201710760/gold_master.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1620201710760/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c411d4429be5880fffc48f9aa287f8c255416e29bbd4ea4306059388d6a86598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1620201710760/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:01:50 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7851
x-xss-protection
0
expires
Thu, 03 Jun 2021 02:14:59 GMT
platinum_amex.png
s0.2mdn.net/9492030/1621516504741/ Frame ACCB 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1621516504741/platinum_amex.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1621516504741/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27525d13bab01446862a49b2da3aebe337534e0c23a2766e61d35aaa42bf090f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1621516504741/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:07:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 13:15:04 GMT
server
sffe
age
72456
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9331
x-xss-protection
0
expires
Wed, 02 Jun 2021 06:07:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CA6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJ-Rroum2YJGwLoSn3gPurr2QDwAAAAA4AeAEAg&bg=!ysmlyY3NAAaMan2LjGo7ACkAdvg8Wj9OD2iXG9nAcBAAAFf2g5Vw0gYqloInYcIr3iCIjaPjDra0uwIAAAEaUgAAAAxoAQcKAFiFH_ZH_a9hxstOijF_LrypTj8no2PpvcczOfMG3rTmbdjR-8ffBfE4kbzP8qJgRJSFbRN0S4XvjW9s2m8oZdNPk6KLc76AH-pWDRn2XazBzI16B3Y2UDxQmQKZZeLxcpiHvSA6TnztJfRHwFGV_DaO1uUEzWXKXXEvUu0JvEEQzYiP2ZEn9ZkRrj_-fNphZUibX_i4m84sUAb24Ky1FyLhzvevR1V9ieA5Q1hRgOftJ-4XKf_1qjipou7Qfw-XvvZL6OiKqQvg9zpJa1oB19t9EsgrNjwmKGJ7FvvS2s_bW3d7q4AkUwBKWVVkM7dGVWGa3WhvOseftpWzcxIymQrPxsorN97hVClRPLInyV9fzXr_1uJYUaesDLN9WOo-VFzPOJdEq2p0_mi0Yl_daJ86ONKP44eta4t5n5nuOYUbOqWZlsuxJ21YPM1xae6GgLv9y3AqXob81zYDE3MWXxgSExmJ9jyvWYMkt2x6H5RK7QXwYSdS4LubJxRzF1OfZJswS9N4dhA8hGp3PHgScRu5WfUQHsnV5hT23tXxY5W3hp3fS2lKt5t6XC1XZIhq8vTLy8IorSJpYy12tOM23wfz8qMRXRbxwKvJJjUNAf68ykYiocdLrHDBa-tooNU958Jg50eiKFa6BxT8oMIci81Ac3_kdet1GErx78CnbakkoYNEUQ8aFJenw8i00etVrH7br4m-cRTXy2ByJfEm9OEaPdgCb_E6tmu2Gqv3Ns9eoSiysUWczGmYN3yzz94qMAzllnIDvGo8Uv_ne9Bts6KU2QVA6xujgghUR9RY2X-1p_oorqyP_gtTK2gFxoCN4_4nUPjekl9anU-GgwYseNbhKSQwc8l1-54DnaHvQg3YdajQmqV1Orjb7awZCnwkFV1cAJ6tJMv8jh-F2NR7bHVbC6K_yG6j16VWGn7KXxwNI6FbfZuecVL_8TJCYi4SjDsKCoOFbSHKEtir4icn7Ww1-QQinyrtL3IR_iXGCQACvJTS6K8
Requested by
Host: eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
URL: https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
platinum_master.png
s0.2mdn.net/9492030/1621516504741/ Frame ACCB 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1621516504741/platinum_master.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1621516504741/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483272f53a02d29930a9435b38536cf33fabb05dae586eb0877b7c5fc16a8d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1621516504741/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 07:19:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 13:15:05 GMT
server
sffe
age
68131
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7148
x-xss-protection
0
expires
Wed, 02 Jun 2021 07:19:28 GMT
karte1.png
s0.2mdn.net/9492030/1620201710760/ Frame 17C5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1620201710760/karte1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1620201710760/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a320c1104fcd0e577607abe785ca389897b5c7ac2d52a35e02084f496cdafac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1620201710760/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:01:50 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9517
x-xss-protection
0
expires
Thu, 03 Jun 2021 02:14:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 267B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstc6nPO-AIz1YzBegkdKza_6mNDKZhg__Up83pjxruD5XeRbxswfoPDlTLLs8lwbVWKFPpY1DzG0yFk9XSWRU7Jy92JV7SHNoBKLGnq8n952ieWvbMxSIYY2ZCjW49u_7aBCp-4NBZ2h_ibTB2e3Im0w-ZpOHrajYO_y7z1tcab67qwCucg0JJuiqzGuthvOjoa-pSTxv-2RFxoqaqcTlWfHc9lfilXzwnsfOmPIbCMoaDhvSMZEPZfE0jKMF_swiQ55esNRI5AIrLZgmf7EZVaBmyTu4n-ZtXvhQcBqk3AlRltSY9gR_0y5bb2wfY73OIVlTNtVkZHPesgMVOQmVOElK-IvmltXkW11L6Tf602jMdAyjIBPfpQDPcQcthpQBH4XcpngJCSucUZvrnBCkVbzqseCFwKaqx1M2UpadFtiyDQyrWv5UJ7GEzPEpDjkljRKUEfSPaYSKz7hw9UkEh5esHsvamGwjehFR5zdpJGPLAIjCSSB31IbLW8tiBbSVFIC3j8jsT_rMkC_-KjbWncR7EDzX2H4lyezGMAhvdk1yOWkH_43dDyPtJZ_SctOlKMNCzi6FHlemPBEBSW01jJJKGaDnZzUEo_iUvSKxxCLTpoYmlifsnffHAOtOK5hr7nMCblOPRwvoGhnVNUyRp-CF0a30fnQ-EqKcbHakvZEUq-vMIGCURBZHPaOOYeeUjMlpFSmosLVEUTN5_6Jx4md7ll47Sbq3g4qjstulqE7WSKcyzWS5Ka8P8BWFVtjJA3S8MzTsAurX4WLc30njkdz2CrDMTUxQIHsINHWmV4HpZ3OUZdl6UnLTKiq7ekHLahYxAgU9AQaA29_SiNFQ1l4Eeo9sB7Mp0BiToJ5cf2bDcqN8r7AsafpKuu604BJNctn8Bp0N8T5HH3IxeZh6VEN9cY5c45vllQHgxjQi64SSkT-VtJpKWjSvRXKysKGln6axS1ymuJUINvhKDADd1jo2ZCtrUOS7dK3ORpXjr1lNF_p9ttTn0R_tKNyfO5V5C5bXRgnbAvbk1uu_tHKPALIvKxgDM1o_Bd4D_328gITJ_5ucL1bDRKhd61jk_dJckWkh7mMhF2e_A6l1j-8b6MpRYnf6mbZEy4fgRpvFa_ba1M6JFDhO-6XvPgth3YzwzLuFeato6MV-0j1xZIY2LOHY2J-u9iYaH_Gx6nII7u7d37DHF-ijoHoQciyXmqIm_ZYdPZKfnX9ABivyNHOf4LpVUXbjz9irFO0VIv7OzpcSk_4-iPqjYGlaA1Hg1pPbOerCLsunE&sai=AMfl-YRWpkb2kHYB_vKpFToH7jdgDFq4icJu5E8WTfMLlUxGZAN6TNFpM65UnhcvsEBs6CZDHvG3xr4BYup5KobxNZ5A20D5NeB8G3fubYLCwpJV4cfH3M-WDAFB8v2CIDcgzn40RFIFKdSkAd1HP-TScUIyesZIcVGvMU1kWz_tqv6BHCUhy5AzhY9VR3NgVYjcnppfXl6XO3VYIBumRoDbXlezBsOhh3c4mzNV3ooZ3A&sig=Cg0ArKJSzDWHz1yNYibHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=546&vt=11&dtpt=413&dett=3&cstd=130&cisv=r20210525.98628&adurl=
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3333 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-5Ifoum2YJa0Lp2LjuwP9pe4wAYAAAAAOAHgBAI&bg=!p6SlpODNAAaMan2LjGo7ACkAdvg8WuNGfWfMxfD0hlROZHYyDgdIpSfBJvwB-3nTJjJfMMj1nw0qrgIAAAEQUgAAAA5oAQcKAESZJvchhHIyK3J5-Swifr7-COzb_jmIb9YvQ_waEr808vGQkCiat498qR5t0DCuI-6qH0X96omoXOpFhlaFqqV3K-p3i5kCniiKvI8bWI8mqzI_GETHWIM8z-1seHXVqVbZy4iG_DJIgSqy7yybS7SEcMu7dm4yjO4TH992sOqjjCCEdFL8BAa6v_58w9oZG_B6DC4_DvdZQDUHELQ9_Sve1TlDfdtZkulvHyMoh1Fnnge3tGXre4IMVwotl4n9kPN6LugY9NLy-jHqWKktg4IUSvvYkJGbepd-Tbv9MBPDskr-_Cv9PuOOve18UaQ478qVs62rqPifZ_DLAi5FqaEJELuQn8AMjxL303V5fXbcgz3Na8ZG0PkLMA6NzcSAZT6vwZhhQEcKmcJrb3ucu3mO0-vrumhsgyEINRfvTP2fKbLnRy0kexP4pKVU3uNasnZiaP-SA_gKf6nNOjp-fKGZfr_Ksm6LjDFVxLQrMLsu1Pd1zcQ6SwAAjuKcRhwnrc6_Np4iOOkjqNKjQEaScVc2tdGDp8zsiGGEzQYxLuRVPYc3yIU81pllROCyXZ_dy0LyXFZq5oU07_CNiqR7kmg3EKk3sruw-DxFf3Yy1cPbIn8k5l83ADmf8udOpfPgbb3M1TWOpIcnFMNfE5bXvL_Aju1WYEfvTOiuLYMpQkqJN1KPx4Sn0qrAX6_L29I06XffhJaNE-YcE2C5rwnHB9JzgSzpOk60hDNqlVCy4hHfUSuiclFLlQnaXVAdQrH-NyXLDnTVWSchgqIMMrMEL-jqAltaGqWBy3xkHWCcbO20YrGvvdpjRMRzy5HOCZP67t-EnV2ngej4N47-XDau0-b9x8nXCZ-31SgEC66RWnzFqY9lgBAHFzMS3aBLpFql1bL67OkGFyFmhKeUj-OHlQOL4Zgcgrt8iofOGp6eJwzE3DFDEKMd21k0qTomyrAcZokh14kvfQ_6U-FSyRNhhEOq52UP5XE
Requested by
Host: eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
URL: https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
karte2.png
s0.2mdn.net/9492030/1620201710760/ Frame 17C5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1620201710760/karte2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1620201710760/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ec66905a17e189f80e12d9f1639a69d1a5ba1c016531b1a484873a63efffe50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1620201710760/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:01:51 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9213
x-xss-protection
0
expires
Thu, 03 Jun 2021 02:14:59 GMT
truncated
/ Frame ACCB 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8abb7ca2bbd50b7a9d10105ac5a82a180d27d4f2e0f07445c89188cbe7a84699

Request headers

Origin
https://s0.2mdn.net
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/octet-stream
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame D587 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
y2EUw.irPGYHWZQvvHFS16CCD7wJF5Fq
content-encoding
gzip
etag
"7f7f981d4ecb61feeff48e66441716da"
age
25312
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5628
x-amz-id-2
U1TbYOeMJdgziqZUZ5Pw84oNcXMDzoETnzr3O2tNyYtFI5qeISf28bNEhQhnuLD7gQtVvaHA7Do=
x-served-by
cache-hhn11524-HHN
last-modified
Sun, 30 May 2021 11:12:52 GMT
server
AmazonS3
x-timer
S1622600099.478835,VS0,VE0
date
Wed, 02 Jun 2021 02:14:59 GMT
vary
Accept-Encoding
x-amz-request-id
NWCPYBF1DRE03144
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
76
x-cache-hits
195897
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame D587 		2 KB
1005 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
12350
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by
cache-hhn11524-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1622600099.478856,VS0,VE0
date
Wed, 02 Jun 2021 02:14:59 GMT
vary
Accept-Encoding
x-amz-request-id
CR4E2RJ6SANDVYVF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
76
x-cache-hits
21793
tfa-eid.20210531-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D587 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210531-8-RELEASE.es6.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
587f61f2a0e3b04a32e6905b4030f9ed0a03ac2a0218d986c1736be2a8d1bf8f

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eiGuRlCiqZVEAIpQiKMGz3pMqCnBJxDJ
content-encoding
gzip
etag
"0a50a8810b6c00891b72d1d1331c392b"
age
112
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4867
x-amz-id-2
Dg5093AyuaKJXfzGnvkPQZ1RvJggqmDs20rFDLPp+d8CpCgM/SZvM2ciXtw0NIUga3eksL8Sa2A=
x-served-by
cache-hhn11524-HHN
last-modified
Tue, 01 Jun 2021 12:42:40 GMT
server
AmazonS3
x-timer
S1622600099.480407,VS0,VE0
date
Wed, 02 Jun 2021 02:14:59 GMT
vary
Accept-Encoding
x-amz-request-id
GAK5AQ04SG2DP2GE
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
76
x-cache-hits
221
sha256.20210531-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D587 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210531-8-RELEASE.es6.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b866091b86aa3f240072a9f442783b787a8fbab138f005f89ddc7eee2ccbc6f

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6a2LqGa8BGuPZO9WWenPX4YzWqSMFBPq
content-encoding
gzip
etag
"6ca0d5f3f416f741e56145de17e7e4ec"
age
100
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2595
x-amz-id-2
/TfKasl94uMYnxFlUBRhkDlUklISS16rpeKvWWiu/myOJnLeKyNKI3jYXnvSJ1fUILoQFWGkmLU=
x-served-by
cache-hhn11524-HHN
last-modified
Tue, 01 Jun 2021 12:42:53 GMT
server
AmazonS3
x-timer
S1622600099.480395,VS0,VE0
date
Wed, 02 Jun 2021 02:14:59 GMT
vary
Accept-Encoding
x-amz-request-id
F71A4JD0BXBEPNNR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
76
x-cache-hits
183
userx.20210531-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D587 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210531-8-RELEASE.es6.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab237484f8603ecb3fe317be87032945d68d5899d66b9fbcb7936e5cc8618854

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
G5x1UjTzFIETH2TIxNNm88GDKlTd1xsX
content-encoding
gzip
etag
"c294d9abac365f484c6bd24d2f6e4bd4"
age
110
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7962
x-amz-id-2
asiMgoxtG5HNZ2mDpXSftiEfuqBIoUKoZw4DStaRBH2ewJM5ecJXQLSPzVbpOYLounHfRbnybUA=
x-served-by
cache-hhn11524-HHN
last-modified
Tue, 01 Jun 2021 12:42:35 GMT
server
AmazonS3
x-timer
S1622600099.491366,VS0,VE0
date
Wed, 02 Jun 2021 02:14:59 GMT
vary
Accept-Encoding
x-amz-request-id
0E8DX8JMGEYMJD1P
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
76
x-cache-hits
27
platinum_amex.png
s0.2mdn.net/9492030/1620201710760/ Frame 17C5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1620201710760/platinum_amex.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1620201710760/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27525d13bab01446862a49b2da3aebe337534e0c23a2766e61d35aaa42bf090f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1620201710760/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:42:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:01:51 GMT
server
sffe
age
70373
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9331
x-xss-protection
0
expires
Wed, 02 Jun 2021 06:42:06 GMT
fc972549c6714ea0c8494794a062e6e4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D587 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc972549c6714ea0c8494794a062e6e4.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d16f075a0f0d6d996c2bc7601f661c21f72f7d35c5b6b38086e26ebf1a382ed7

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish, 1.1 varnish
age
2636467
edge-cache-tag
338374040357011628686917397522305439304,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 14 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc972549c6714ea0c8494794a062e6e4.jpg
content-length
2104
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Tue, 13 Apr 2021 14:14:00 GMT
server
nginx
x-timer
S1622600100.504032,VS0,VE1
etag
"614acc81ebcecea352cab05c09085314"
x-served-by
cache-wdc5582-WDC, cache-dca12922-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
42dc6a4486c2820a2ef87ed29b7c8d86.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D587 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42dc6a4486c2820a2ef87ed29b7c8d86.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff70a6229c2ed19db0e8c2407aa3577bc89b7ff31e40b7ea7c48e9d16d2b4d6b

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish, 1.1 varnish
age
3347380
edge-cache-tag
504867422696637349985693919230247743699,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 14 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42dc6a4486c2820a2ef87ed29b7c8d86.jpg
content-length
3940
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Tue, 13 Apr 2021 15:46:36 GMT
server
nginx
x-timer
S1622600100.524982,VS0,VE1
etag
"721c43972cac6d10facb7dab31f3b1d9"
x-served-by
cache-wdc5523-WDC, cache-dca17759-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
e0fb83d16a114d1da7ea9e4d1416a962.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/e0/fb/ Frame D587 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/e0/fb/e0fb83d16a114d1da7ea9e4d1416a962.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a1cebe7c4183ed52c82628edb5efcc47f0d35097c7ef991e7705cf8e352a5a9b

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish, 1.1 varnish
age
2372097
edge-cache-tag
434525115978616994507165927956822713111,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/e0/fb/e0fb83d16a114d1da7ea9e4d1416a962.jpg
content-length
6268
x-request-id
f0c45e85f68485593297f1b1405440dd
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Sun, 18 Apr 2021 00:55:46 GMT
server
nginx
x-timer
S1622600100.545763,VS0,VE1
etag
"ce9670340e38d44ccb81bd0132331f24"
x-served-by
cache-wdc5574-WDC, cache-dca12921-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
platinum_master.png
s0.2mdn.net/9492030/1620201710760/ Frame 17C5 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9492030/1620201710760/platinum_master.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9492030/1620201710760/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483272f53a02d29930a9435b38536cf33fabb05dae586eb0877b7c5fc16a8d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9492030/1620201710760/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:01:51 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7148
x-xss-protection
0
expires
Thu, 03 Jun 2021 02:14:59 GMT
fc972549c6714ea0c8494794a062e6e4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D587 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc972549c6714ea0c8494794a062e6e4.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d16f075a0f0d6d996c2bc7601f661c21f72f7d35c5b6b38086e26ebf1a382ed7

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish, 1.1 varnish
age
2636467
edge-cache-tag
338374040357011628686917397522305439304,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 14 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc972549c6714ea0c8494794a062e6e4.jpg
content-length
2104
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Tue, 13 Apr 2021 14:14:00 GMT
server
nginx
x-timer
S1622600100.567406,VS0,VE0
etag
"614acc81ebcecea352cab05c09085314"
x-served-by
cache-wdc5582-WDC, cache-dca12922-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
activeview
pagead2.googlesyndication.com/pcs/ Frame 53AB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj8JHo-Sv6RbnTfxqSdQv1WJJhUFX1XNBfF-fbJyFG3CcGV2hTM5-aNOQDdklNMBgXbJcVHcgONc5-ykYCltnRV6FMHq8kt5CDh0ExkD4&sig=Cg0ArKJSzBCfeje-RMu_EAE&id=lidar2&mcvt=1000&p=1006,436,1096,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3913190169&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622600098164&dlt=0&rpt=398&isd=0&msd=0&r=v&fum=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
42dc6a4486c2820a2ef87ed29b7c8d86.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D587 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42dc6a4486c2820a2ef87ed29b7c8d86.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff70a6229c2ed19db0e8c2407aa3577bc89b7ff31e40b7ea7c48e9d16d2b4d6b

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish, 1.1 varnish
age
3347380
edge-cache-tag
504867422696637349985693919230247743699,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 14 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/42dc6a4486c2820a2ef87ed29b7c8d86.jpg
content-length
3940
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Tue, 13 Apr 2021 15:46:36 GMT
server
nginx
x-timer
S1622600100.587727,VS0,VE0
etag
"721c43972cac6d10facb7dab31f3b1d9"
x-served-by
cache-wdc5523-WDC, cache-dca17759-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
view
googleads4.g.doubleclick.net/pcs/ Frame 66DB 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstXSvMrUy_tzr91scAu90uNAq-bWTkg4cvSXSP38rv7vG1nsXhIsACxZ85lX0eYFfuq-WDsJILui1sDZWkbimCM3WjgE6ENEJ_Xe9tZ9TWAbEst-24LLFvUVx1FGucIbq9p8BXtwD8Pfm3mNQM05C9_C2KK63cZI744RVnUuqPaa_9dOSRh67O2NfHdvPu0BmQHO35CygKgPT-_VdMM3Y2YJYUDXyq5G7ymDbySlswbkC_5bDENqGoUpfkHsjNIN2lBE8DEPHpjMP8nb59axoRS_GyE1kM7qcCfqv1szCAobJIXH5Kjl6UFQ515dPcWvIJjTj8qV4B92hekF0wT9RyIZn51r3qPs1jVrFWp5LUvjm1dnMrS7VOBxvaI903QX3b84DFgymUKiW1IZ0nBSPeVtJa1EsmpdpCzoYLcDyGMpg_xz1DDl7llOb0BT0P2b5kQoV79y5NrsbQMdhOWKKnByuPrPOkylKQq_PuuTalFU4dPSep6KyqtQCYTpdleFCwOv5hREeYy7cisDURcCZMQtLqPuRvl7Q2YX7TlRfXlFKA_uS1ThcX7d38Zf-nh8kcKHO_X6IHyqFMujrgtX2-gKEYZ_x31mdQOsygVb3fQ_x4yb5f4ZG83hIK7Db4ZhUn9R8L2Cvu87Of8UiHPeqwfh5AMPrNL2BgOCyGEfyjOFnV2f7BpjvnqfxVkBu_Of5q3_N4dM7MCyV7DS4HqVPo39zLcY9WGs1Dm8nBscJzUPuNZRq8cyI4hyt1l4p90RLFe0ekiN_tLQR7tQ4nnoFvhVDThraxoeFizjzMUekPal3rtTaf_o34wsorifhnM4VKessRvra_rNNWa-lz2bkLngWML5YstC0NjL-gMaYbt95pPKIMmslk2a_mrdU5twBwbFNsOaopcaMHGdrX5hSqmL5bJhiP8m0S_fBdoNoJJGCDlFSA51pAMB9tvLBClzOYC-0KAhbAQwyx2TbO6JzsN1HVnoCDjiikFepmV8JuHSejEw_jj9uPYHaeL--N5Fn0YzGNjrrtGIIGpWvxtoDhZsJSbQqHSDbHwvQBczbKJlMuB0y-h56hwU5ZHwJSIaCGznbD0C9u7j4NU3yvSEyDh5BNUjFVvnDh7kzfS5ZoCt6RgUBP_93PKe9zC0WbVhGflAvuaXli9ojiLORN7DsoRCoqDd-MsZUSMHe6p9cqWts0XNsOGhCqWYBAzvDoEYcZMyeYMg3P73fDrUnyC78LW9vo-6XpX0cQi1wxt-4W1e9HlnyxCVP9DH9EDQ6U5&sai=AMfl-YTFkMj71tsao1qUF9xQsslCqQS9pT9l_XMRUoN6TFM3HKB5-YPRfxscExzaJzKkKvKd2LgRUnl3Gf-ccup2eJhYoDvAmx5VCEH7eI0TgX11sVRQgr8Kc9DqqWKDHmViRJLAOYZXGFODQ3sMw-GX5gve_fB5aMkG00_6WLsV91ql4oVG4sUvQqfrKFZ1B6sV__XezLOu2o3Al5uqVOnCe1xuIxls9IOs1Ioayerr4w&sig=Cg0ArKJSzENtpbxgPIOIEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=719&vt=11&dtpt=583&dett=3&cstd=132&cisv=r20210525.59733&adurl=
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
e0fb83d16a114d1da7ea9e4d1416a962.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/e0/fb/ Frame D587 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/e0/fb/e0fb83d16a114d1da7ea9e4d1416a962.jpg
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a1cebe7c4183ed52c82628edb5efcc47f0d35097c7ef991e7705cf8e352a5a9b

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish, 1.1 varnish
age
2372097
edge-cache-tag
434525115978616994507165927956822713111,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/e0/fb/e0fb83d16a114d1da7ea9e4d1416a962.jpg
content-length
6268
x-request-id
f0c45e85f68485593297f1b1405440dd
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Sun, 18 Apr 2021 00:55:46 GMT
server
nginx
x-timer
S1622600100.607586,VS0,VE0
etag
"ce9670340e38d44ccb81bd0132331f24"
x-served-by
cache-wdc5574-WDC, cache-dca12921-DCA, cache-hhn11524-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
truncated
/ Frame 17C5 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
177f00e4e4427b4ec245a2717fbbc58ed3805a003cac4a5855a59f0329f2c1e6

Request headers

Origin
https://s0.2mdn.net
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/octet-stream
bulk
trc.taboola.com/synacor-tdsresidentialportal/log/3/ 		0
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/synacor-tdsresidentialportal/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
53
pragma
no-cache
date
Wed, 02 Jun 2021 02:14:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1622600100.648037,VS0,VE53
x-served-by
cache-hhn11524-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://portal.tds.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
SPug
simage4.pubmatic.com/AdServer/ Frame 65F4 		0
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Wed, 02 Jun 2021 02:14:59 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame D587 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutm8qof10eMej-R0ncmPRZglQb2pZ9Mn1lE6qB7QDBucMRcJYldu_NBFVuPAkuEke0L1OezlHr0f3nDC4ae_oE2VX3A2lyWX3PbYDGAhI&sig=Cg0ArKJSzKUoTMPJswmSEAE&id=lidar2&mcvt=1000&p=1105,436,1198,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1211393463&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622600098165&dlt=0&rpt=528&isd=0&msd=0&r=v&fum=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 66DB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszJr2FDo7p-CaVO9Osdd0dt4Qys_MpAYm0gqXpz9gvAwtoVy8-RPZNmo0o_6StJrODjNF3SO5VhgPO7huwyccepaRRajKOR4HhnesC_b39BS7KjgV9sleKN7YGtw&sai=AMfl-YTDWLmm3b-_uv8WGYZzI1WYLhtfWUZyxQ7VXZ1hGCsKGf-fu8l3FFZ6qoKOcRpnxB_aXJ6ElmPt-4XKRg2y3HYK7iPaOWWP2XFrPdwE9xMthGIoeBHrxWBuimCKGS4&sig=Cg0ArKJSzGEIr6BpUDyWEAE&cid=CAASPeRo3h4nygjumoGM3IOXXMUuqyOwRylkDcnU8aOwZuuhDWPI5-WSLbz5c0TCmkqB5Gz0KlZE3HoxfOIfCpM&id=lidar2&mcvt=1004&p=12,436,102,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1138528294&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622600098162&dlt=62&rpt=563&isd=0&msd=0&r=v&fum=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 267B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstr6JZS0cD8dSQDa6lupUFrs_hWZVdjjS4yqURLkZ697aarihGjY_fBPPmgWLXHZ0Do7RUeSFRe_lFkXXM9E9UIiqav2vMsIdjq8pvfuHoF1J_4KqQAmtX5E5UvOw&sai=AMfl-YS1ygFYuTrY-xelMn1VvVRXhC5WwUwH3zkta6IBTbdz8OyExYqQpcUffgThV9B7gfZSly16p4RoZ18prdPNm9h20mk2mik2AOJs4VvDlm8uDXPnoZuRrRAYhhLIcb8&sig=Cg0ArKJSzPe-t3RB90I0EAE&cid=CAASPeRou4JuL9Sr3fwSTgPw40bcCiTIgPluigdMD-YoPdAZ5TAhjXayFb5R0JbM1iJ56r4EW40wN_a4fEJS0SI&id=lidar2&mcvt=1000&p=298,1032,548,1332&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1172002462&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622600098164&dlt=57&rpt=552&isd=0&msd=0&r=v&fum=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:14:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/synacor-display-tdsresidentialportal/log/3/ Frame D587 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/synacor-display-tdsresidentialportal/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
59
pragma
no-cache
date
Wed, 02 Jun 2021 02:15:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1622600100.499840,VS0,VE59
x-served-by
cache-hhn11524-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://portal.tds.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/synacor-display-tdsresidentialportal/log/3/ Frame D587 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/synacor-display-tdsresidentialportal/log/3/visible?route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
56
pragma
no-cache
date
Wed, 02 Jun 2021 02:15:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1622600101.503841,VS0,VE56
x-served-by
cache-hhn11524-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://portal.tds.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame D587 		254 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
9563
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by
cache-hhn11524-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1622600101.533472,VS0,VE0
date
Wed, 02 Jun 2021 02:15:00 GMT
x-amz-request-id
BZA2MM8GAVQZA74K
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
76
x-cache-hits
1757
showad.js
ads.pubmatic.com/AdServer/js/ Frame B4A0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://portal.tds.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8; chkChromeAb67Sec=1; DPSync3=1623801600%3A201_197_219%7C1622678400%3A174; SyncRTB3=1623801600%3A21_22_56_161_7_54_55_13_234_3_71_81_8_166%7C1623196800%3A223_2_15%7C1623888000%3A35%7C1623456000%3A63%7C1625184000%3A203; KRTBCOOKIE_377=6810-392c1730-50b0-4dd5-9682-00e5b40a3ace&KRTB&22918-392c1730-50b0-4dd5-9682-00e5b40a3ace&KRTB&23031-392c1730-50b0-4dd5-9682-00e5b40a3ace; PUBMDCID=3; KRTBCOOKIE_22=14911-3074448325661272662; KRTBCOOKIE_27=16735-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&16736-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&23019-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&23114-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2; KRTBCOOKIE_1101=23040-6969014351106078859; KRTBCOOKIE_336=5844-4944437266062326293; KRTBCOOKIE_153=19420-1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT&KRTB&22979-1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT; KRTBCOOKIE_57=22776-1240362917277177338; KRTBCOOKIE_80=22987-CAESEH04k5I6e2SoY2AhLI-ElM0&KRTB&16514-CAESEH04k5I6e2SoY2AhLI-ElM0&KRTB&23025-CAESEH04k5I6e2SoY2AhLI-ElM0; KRTBCOOKIE_391=22924-5821613659031366264&KRTB&23263-5821613659031366264; KRTBCOOKIE_188=3189-ab3e1485-58df-4782-801d-bbcc1d3e9c37-60b6e9a2-4348; KRTBCOOKIE_1235=23226-0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20:$UID; KRTBCOOKIE_218=22978-YLbpogABQ51yOABg&KRTB&23194-YLbpogABQ51yOABg&KRTB&23209-YLbpogABQ51yOABg&KRTB&23244-YLbpogABQ51yOABg; KRTBCOOKIE_466=16530-9afa73fd-a392-4712-8848-229040e385e3; PugT=1622600096; SPugT=1622600099
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=153009
expires
Thu, 03 Jun 2021 20:45:09 GMT
date
Wed, 02 Jun 2021 02:15:00 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 819F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://portal.tds.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgI6-I-EAoYASABKAEwoNPbhQY4AUABSAEQoNPbhQYYAA..; uuid2=1240362917277177338; anj=dTM7k!M41.D>6NRF']wIg2E>4l'O?+!@wnfH8K6pQK`!5=E<*L5?%K-_go]Bk6%^-lh6J1]^W8.k`DTfC]Z>GlXB=+%nugO%v4VB%nm%J)n.k3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 03 Jun 2021 02:15:02 GMT
Date
Wed, 02 Jun 2021 02:15:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame B9F2 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.35.0
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C9B) /
Resource Hash
ff8efe03e36fae8294a9f7448f03cd707e09935b213ea2d445efcbcab7370790

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html?src=prebid_prebid_4.35.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://portal.tds.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tads_uid=GDPR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
524
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Wed, 02 Jun 2021 02:15:00 GMT
etag
"42b7-5c2afe6a21300"
expires
Wed, 02 Jun 2021 02:30:00 GMT
last-modified
Wed, 19 May 2021 14:47:08 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (mil/6C9B)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
177177779
content-length
5429
2000840.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 4C3F
Redirect Chain
  • https://sync.serverbid.com/ss/2000840.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0cb81759ba7ceefb12563171e5d9d933d4b4f669a81f24e44fb5819f505e5e77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://portal.tds.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

Date
Wed, 02 Jun 2021 02:15:00 GMT
Connection
Keep-Alive
Cache-Control
max-age=53377
Content-Length
4349
Content-Type
text/html
Last-Modified
Thu, 10 Oct 2019 18:38:47 GMT
Accept-Ranges
bytes
etag
"fb24ed276da19f714dd2db75c933927e"
x-amz-request-id
tx000000000000019f6b49d-0060b668a5-4d742c0-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
0
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1622600100.dop231.fr8.t,1622600100.cds244.fr8.shn,1622600100.dop231.fr8.t,1622600100.cds137.fr8.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
cache-control
no-cache
ixmatch.html
js-sec.indexww.com/um/ Frame 0F8F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://portal.tds.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 02 Jun 2021 02:15:03 GMT
Connection
keep-alive
check.html
biddr.brealtime.com/ Frame D1FF 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://portal.tds.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

Date
Wed, 02 Jun 2021 02:15:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
QPg1IxGUgjHTe7yzLH8py8UlQ29OR40peYVEDcjXTyeAHVyZwzC0KXVtNZxdJdP2rI/IbEV/hlg=
x-amz-request-id
Q2J7PAP1GZJS9FPM
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2629
Expires
Wed, 02 Jun 2021 02:16:02 GMT
Cache-Control
public, max-age=60
cf-request-id
0a6c19cbc0000001db061ca000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
658d2bf2cb5a01db-ZRH
Content-Encoding
gzip
PugMaster
image6.pubmatic.com/AdServer/ Frame B4A0 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11644297&p=48110&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4f7509aedd345b0f9ab04f53704edd82b5440c9f84684f8d0d6fe019f637d778

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame EC77
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=308301117
  • https://sync.1rx.io/usersync/tradedesk/392c1730-50b0-4dd5-9682-00e5b40a3ace
  • https://sync.targeting.unrulymedia.com/csync/RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8; KRTBCOOKIE_377=6810-392c1730-50b0-4dd5-9682-00e5b40a3ace&KRTB&22918-392c1730-50b0-4dd5-9682-00e5b40a3ace&KRTB&23031-392c1730-50b0-4dd5-9682-00e5b40a3ace; PUBMDCID=3; KRTBCOOKIE_22=14911-3074448325661272662; KRTBCOOKIE_27=16735-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&16736-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&23019-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&23114-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2; KRTBCOOKIE_1101=23040-6969014351106078859; KRTBCOOKIE_336=5844-4944437266062326293; KRTBCOOKIE_153=19420-1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT&KRTB&22979-1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT; KRTBCOOKIE_57=22776-1240362917277177338; KRTBCOOKIE_80=22987-CAESEH04k5I6e2SoY2AhLI-ElM0&KRTB&16514-CAESEH04k5I6e2SoY2AhLI-ElM0&KRTB&23025-CAESEH04k5I6e2SoY2AhLI-ElM0; KRTBCOOKIE_391=22924-5821613659031366264&KRTB&23263-5821613659031366264; KRTBCOOKIE_188=3189-ab3e1485-58df-4782-801d-bbcc1d3e9c37-60b6e9a2-4348; KRTBCOOKIE_1235=23226-0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20:$UID; KRTBCOOKIE_218=22978-YLbpogABQ51yOABg&KRTB&23194-YLbpogABQ51yOABg&KRTB&23209-YLbpogABQ51yOABg&KRTB&23244-YLbpogABQ51yOABg; KRTBCOOKIE_466=16530-9afa73fd-a392-4712-8848-229040e385e3; PugT=1622600096; SPugT=1622600099; chkChromeAb67Sec=2; DPSync3=1623801600%3A219_221_226_227_232_201_197%7C1622678400%3A174; SyncRTB3=1623456000%3A63%7C1625184000%3A203%7C1623801600%3A71_99_189_22_3_204_78_54_55_161_166_165_220_88_222_56_7_13_234_231_21_176_81_8_230%7C1623196800%3A15_223_2_67%7C1623888000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:15:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003&KRTB&17107-RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:15:00 GMT; path=/ PugT=1622600100; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 02:15:00 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:15:00 GMT; path=/
x-lat
amspug009:0:356
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Wed, 02 Jun 2021 02:15:00 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003%22%7D; path=/; expires=Thu, 02 Jun 2022 02:15:00 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003
etag
RXb1f8f8b232d6456aaef9be835b2d9831003
Pug
image2.pubmatic.com/AdServer/ Frame 7CE2
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GfuCs1hBtbEpNrqjm0rbW6DH
42 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GfuCs1hBtbEpNrqjm0rbW6DH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GfuCs1hBtbEpNrqjm0rbW6DH
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_279=22890-56b9f0c5-c348-11eb-8b8a-6f120b61e297&KRTB&23011-56b9f0c5-c348-11eb-8b8a-6f120b61e297; PugT=1622600101
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:15:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-GfuCs1hBtbEpNrqjm0rbW6DH; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 02:15:03 GMT; path=/ PugT=1622600103; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 02:15:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:15:03 GMT; path=/
x-lat
lhrpug018:0:352
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 02 Jun 2021 02:15:03 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=GfuCs1hBtbEpNrqjm0rbW6DH; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GfuCs1hBtbEpNrqjm0rbW6DH
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 8B1A 		42 B
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a6c19c31700001f15fc8f5000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
658d2be4fe2d1f15-FRA
bridge
cm.adgrx.com/ Frame 2F6D 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 02 Jun 2021 02:15:05 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-3
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 235E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=BRPvU9wsyZiC&pid=557219
1 B
144 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=BRPvU9wsyZiC&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=BRPvU9wsyZiC&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:15:01 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:15:01 GMT; path=/
x-lat
amspug012:0:388
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-555c8fd69d-zhs6l
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=BRPvU9wsyZiC;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sat, 28-May-2022 02:15:02 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=a24e42b2992119b5; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=BRPvU9wsyZiC&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
i.match
s.tribalfusion.com/z/ Frame D83B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a5noeUsjyDymTFMcGJ5rVnWrWVYc2TDE5sybTolq
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=afnseFmge07ousnA7ffEa2GrUoRdS7u8tDubariGtGZbcr1YsvRAs570Oohj4FuvpVyyAbuRJTyyWuHqVAFfT; path=/; domain=.tribalfusion.com; expires=Tue, 31-Aug-2021 02:15:00 GMT; SameSite=None; Secure; ANON_ID_old=afnseFmge07ousnA7ffEa2GrUoRdS7u8tDubariGtGZbcr1YsvRAs570Oohj4FuvpVyyAbuRJTyyWuHqVAFfT; path=/; domain=.tribalfusion.com; expires=Tue, 31-Aug-2021 02:15:00 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0a6c19c3c90000061465326000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
658d2be60fbe0614-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Wed, 02 Jun 2021 02:15:00 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
764
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a5noeUsjyDymTFMcGJ5rVnWrWVYc2TDE5sybTolq; path=/; domain=.tribalfusion.com; expires=Tue, 31-Aug-2021 02:15:00 GMT; SameSite=None; Secure; ANON_ID_old=a5noeUsjyDymTFMcGJ5rVnWrWVYc2TDE5sybTolq; path=/; domain=.tribalfusion.com; expires=Tue, 31-Aug-2021 02:15:00 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0a6c19c320000006145995f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
658d2be4fead0614-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame DB8B 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Wed, 02 Jun 2021 02:15:03 GMT
server
a
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 013A
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
76 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 02 Jun 2021 02:15:00 GMT
via
1.1 varnish
x-served-by
cache-fra19169-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1622600101.710916,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20;Version=1;Path=/;Domain=.taboola.com;Expires=Thu, 02-Jun-2022 02:15:00 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 02 Jun 2021 02:15:00 GMT
via
1.1 varnish
x-served-by
cache-hhn11524-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1622600101.637056,VS0,VE54
x-vcl-time-ms
54
content-length
0
receive
pixel.tapad.com/idsync/ex/ Frame 6DBB
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1622600099890; TapAd_DID=e953c59b-897f-4d59-90d6-3aa685c01814; TapAd_3WAY_SYNCS=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

server
nginx
date
Wed, 02 Jun 2021 02:14:59 GMT
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:14:59 GMT; path=/
x-lat
amspug004:0:374
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
Artemis
aud.pubmatic.com/AdServer/ Frame B4A0
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&addseg=31
7 B
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:05 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Wed, 02 Jun 2021 02:15:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
info2
uipglob.semasio.net/pubmatic/1/ Frame B4A0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:07 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:07 GMT
frontend-id
14
location
/pubmatic/1/info2?sType=sync&sExtCookieId=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame B4A0 		95 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
658d2be4eb0a64f1-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a6c19c312000064f11dbca000000001
/
loadm.exelator.com/load/ Frame B4A0
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Wed, 02 Jun 2021 02:15:00 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame B4A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTZDMUE1NDItRDA0QS00NUQ0LThERTMtOTkyRkM1RDlDNUQ4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:395
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B4A0
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1240362917277177338
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1240362917277177338
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:504
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:01 GMT
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.57:80
AN-X-Request-Uuid
d28c098a-b26a-4528-b735-2ed3bbc919a5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1240362917277177338
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B4A0
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8a33295b-3680-406b-9965-f5cfdbf60c03
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8a33295b-3680-406b-9965-f5cfdbf60c03
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:309
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8a33295b-3680-406b-9965-f5cfdbf60c03
date
Wed, 02 Jun 2021 02:15:05 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
async_usersync
ib.adnxs.com/ Frame 819F 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:00 GMT
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid
a95c15f4-352d-4f7f-a058-1fb19877c1d7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Jun 2021 02:15:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Jun 2021 02:15:00 GMT
um
cs.emxdgt.com/ Frame C3BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type
text/html
date
Wed, 02 Jun 2021 02:15:00 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame BAB0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tli1RUZWfOglxp4SfUmzpScfya9WQi+HKKRWt2jyoYTD2eUmnUkmtBwX7pFAFiVc1oERlM5vhHQItqgWtYPIHaMX9JKE=; ses15=; vis15=92676^1; khaos=KPEU7BLY-1S-HNXP; audit=1|hLZGFuTafB3Z59yH2aqZ5dQ7TXX4J0ie90+YTRdX1oSUPOvV4mivXDXTliqsrgrA/sYxF1atucUmGweUluV0N1Mxec28bQI/pmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Jun 2021 02:15:03 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Wed, 02 Jun 2021 02:15:01 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cookie set uc.html
go.sonobi.com/ Frame A450 		905 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.148 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1.go.sonobi.com
Software
sonobi-go /
Resource Hash
af37343ab985223f61e400c174fad188a2bdcab4d74ba9b86c00db9787262e12
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date
Wed, 02 Jun 2021 02:15:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-8
X-Xss-Protection
0
Set-Cookie
__uqc=1; expires=Wed, 02 Jun 2021 04:15:01 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uis=45cac1a0-b7c2-4098-9a69-ea8777ce823b; expires=Fri, 02 Jul 2021 02:15:01 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_bw=1; expires=Wed, 02 Jun 2021 10:15:01 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_td=1; expires=Thu, 03 Jun 2021 02:15:01 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_mm=1; expires=Thu, 17 Jun 2021 02:15:01 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_pp=1; expires=Tue, 15 Jun 2021 02:15:01 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_zt=1; expires=Tue, 15 Jun 2021 02:15:01 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_rx=1; expires=Thu, 17 Jun 2021 02:15:01 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_eb=1; expires=Tue, 15 Jun 2021 02:15:01 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None HAPLB5G=s578|YLbpq; path=/; domain=.go.sonobi.com; SameSite=None; secure
Content-Encoding
gzip
Server
sonobi-go
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4A49 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8; KRTBCOOKIE_377=6810-392c1730-50b0-4dd5-9682-00e5b40a3ace&KRTB&22918-392c1730-50b0-4dd5-9682-00e5b40a3ace&KRTB&23031-392c1730-50b0-4dd5-9682-00e5b40a3ace; PUBMDCID=3; KRTBCOOKIE_22=14911-3074448325661272662; KRTBCOOKIE_27=16735-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&16736-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&23019-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&23114-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2; KRTBCOOKIE_1101=23040-6969014351106078859; KRTBCOOKIE_336=5844-4944437266062326293; KRTBCOOKIE_153=19420-1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT&KRTB&22979-1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT; KRTBCOOKIE_57=22776-1240362917277177338; KRTBCOOKIE_80=22987-CAESEH04k5I6e2SoY2AhLI-ElM0&KRTB&16514-CAESEH04k5I6e2SoY2AhLI-ElM0&KRTB&23025-CAESEH04k5I6e2SoY2AhLI-ElM0; KRTBCOOKIE_391=22924-5821613659031366264&KRTB&23263-5821613659031366264; KRTBCOOKIE_188=3189-ab3e1485-58df-4782-801d-bbcc1d3e9c37-60b6e9a2-4348; KRTBCOOKIE_1235=23226-0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20:$UID; KRTBCOOKIE_218=22978-YLbpogABQ51yOABg&KRTB&23194-YLbpogABQ51yOABg&KRTB&23209-YLbpogABQ51yOABg&KRTB&23244-YLbpogABQ51yOABg; KRTBCOOKIE_466=16530-9afa73fd-a392-4712-8848-229040e385e3; SPugT=1622600099; chkChromeAb67Sec=2; DPSync3=1623801600%3A219_221_226_227_232_201_197%7C1622678400%3A174; SyncRTB3=1623456000%3A63%7C1625184000%3A203%7C1623801600%3A71_99_189_22_3_204_78_54_55_161_166_165_220_88_222_56_7_13_234_231_21_176_81_8_230%7C1623196800%3A15_223_2_67%7C1623888000%3A35; KRTBCOOKIE_594=17105-RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003&KRTB&17107-RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003; PugT=1622600100
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=103208
expires
Thu, 03 Jun 2021 06:55:09 GMT
date
Wed, 02 Jun 2021 02:15:01 GMT
vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame 4C3F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1240362917277177338
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1240362917277177338
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:01 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:00 GMT
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.58:80
AN-X-Request-Uuid
c6dabe5b-f4d4-4316-b296-d4bf111c31f2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1240362917277177338
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 4C3F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YLbpoMR-9v0U88zYS2tDtAAA%261167
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YLbpoMR-9v0U88zYS2tDtAAA%261167
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YLbpoMR-9v0U88zYS2tDtAAA%261167
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Wed, 02 Jun 2021 02:15:01 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 4C3F
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=d7456b1f099210010723f946
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=d7456b1f099210010723f946
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:04 GMT
content-length
0

Redirect headers

Date
Wed, 02 Jun 2021 02:15:04 GMT
Server
nginx
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=d7456b1f099210010723f946
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame 4C3F
Redirect Chain
  • https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=866aabf1-c9f4-4468-a760-47f5a91e50c6
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=866aabf1-c9f4-4468-a760-47f5a91e50c6
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:02 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=866aabf1-c9f4-4468-a760-47f5a91e50c6
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
occ
pixel.advertising.com/ups/56621/ Frame 4C3F
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/56621/occ?verify=true
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000840.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:02 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/56621/occ?verify=true
date
Wed, 02 Jun 2021 02:15:02 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1C70 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8; KRTBCOOKIE_377=6810-392c1730-50b0-4dd5-9682-00e5b40a3ace&KRTB&22918-392c1730-50b0-4dd5-9682-00e5b40a3ace&KRTB&23031-392c1730-50b0-4dd5-9682-00e5b40a3ace; PUBMDCID=3; KRTBCOOKIE_22=14911-3074448325661272662; KRTBCOOKIE_27=16735-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&16736-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&23019-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&23114-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2; KRTBCOOKIE_1101=23040-6969014351106078859; KRTBCOOKIE_336=5844-4944437266062326293; KRTBCOOKIE_153=19420-1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT&KRTB&22979-1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT; KRTBCOOKIE_57=22776-1240362917277177338; KRTBCOOKIE_80=22987-CAESEH04k5I6e2SoY2AhLI-ElM0&KRTB&16514-CAESEH04k5I6e2SoY2AhLI-ElM0&KRTB&23025-CAESEH04k5I6e2SoY2AhLI-ElM0; KRTBCOOKIE_391=22924-5821613659031366264&KRTB&23263-5821613659031366264; KRTBCOOKIE_188=3189-ab3e1485-58df-4782-801d-bbcc1d3e9c37-60b6e9a2-4348; KRTBCOOKIE_1235=23226-0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20:$UID; KRTBCOOKIE_218=22978-YLbpogABQ51yOABg&KRTB&23194-YLbpogABQ51yOABg&KRTB&23209-YLbpogABQ51yOABg&KRTB&23244-YLbpogABQ51yOABg; KRTBCOOKIE_466=16530-9afa73fd-a392-4712-8848-229040e385e3; SPugT=1622600099; chkChromeAb67Sec=2; DPSync3=1623801600%3A219_221_226_227_232_201_197%7C1622678400%3A174; SyncRTB3=1623456000%3A63%7C1625184000%3A203%7C1623801600%3A71_99_189_22_3_204_78_54_55_161_166_165_220_88_222_56_7_13_234_231_21_176_81_8_230%7C1623196800%3A15_223_2_67%7C1623888000%3A35; KRTBCOOKIE_594=17105-RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003&KRTB&17107-RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003; PugT=1622600100
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=153008
expires
Thu, 03 Jun 2021 20:45:09 GMT
date
Wed, 02 Jun 2021 02:15:01 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 1C70 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56496013&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5a56a7b2e970338e17dbdd7c877c74b2d653710582d2e82f9fed212ffdf27694

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
980
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 9C3C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1PwUngWX1LOgpq5&gdpr=0&gdpr_consent=
42 B
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1PwUngWX1LOgpq5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1PwUngWX1LOgpq5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_279=22890-56b9f0c5-c348-11eb-8b8a-6f120b61e297&KRTB&23011-56b9f0c5-c348-11eb-8b8a-6f120b61e297; KRTBCOOKIE_409=22966-GfuCs1hBtbEpNrqjm0rbW6DH; PugT=1622600103
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:15:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:1PwUngWX1LOgpq5; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:15:03 GMT; path=/ PugT=1622600103; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 02:15:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:15:03 GMT; path=/
x-lat
amspug005:0:334
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 02 Jun 2021 02:15:03 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1PwUngWX1LOgpq5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=1PwUngWX1LOgpq5; Domain=.w55c.net; Expires=Sat, 02-Jul-2022 02:15:04 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Fri, 02-Jul-2021 02:15:04 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 56C8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oJbS2lJqSuhSW-r5_Mc0hluEiFw
42 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oJbS2lJqSuhSW-r5_Mc0hluEiFw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oJbS2lJqSuhSW-r5_Mc0hluEiFw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:15:04 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-oJbS2lJqSuhSW-r5_Mc0hluEiFw; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:15:04 GMT; path=/ PugT=1622600104; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 02:15:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:15:04 GMT; path=/
x-lat
amspug020:0:283
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Wed, 02 Jun 2021 02:15:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oJbS2lJqSuhSW-r5_Mc0hluEiFw
Set-Cookie
sa-user-id=s%3A0-a096d2da-526a-4ae8-525b-eaf9fcc73486.RiV8O2p4%2BNsVvhBaZh5IPIyEjh69Yb7YDoaf4ATxi9c; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-a096d2da-526a-4ae8-525b-eaf9fcc73486%24ip%2491.132.136.92.bQoT8VhFGNl07bMP1mjX2vgCvajnWfiGhoTAf4fKZhA; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
usersync
match.bnmla.com/ Frame 354F 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 02 Jun 2021 02:15:05 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame FA75
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5BE016A651534D3C90DB348A637D045E
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5BE016A651534D3C90DB348A637D045E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5BE016A651534D3C90DB348A637D045E
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8; KRTBCOOKIE_377=6810-392c1730-50b0-4dd5-9682-00e5b40a3ace&KRTB&22918-392c1730-50b0-4dd5-9682-00e5b40a3ace&KRTB&23031-392c1730-50b0-4dd5-9682-00e5b40a3ace; PUBMDCID=3; KRTBCOOKIE_22=14911-3074448325661272662; KRTBCOOKIE_27=16735-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&16736-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&23019-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2&KRTB&23114-uid:6e7560b6-e9a1-4c00-b717-7fe8cc281cb2; KRTBCOOKIE_1101=23040-6969014351106078859; KRTBCOOKIE_336=5844-4944437266062326293; KRTBCOOKIE_153=19420-1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT&KRTB&22979-1RyaNIYVmTPOTp46hknVO9cczGTOScw12k5IvEKT; KRTBCOOKIE_57=22776-1240362917277177338; KRTBCOOKIE_80=22987-CAESEH04k5I6e2SoY2AhLI-ElM0&KRTB&16514-CAESEH04k5I6e2SoY2AhLI-ElM0&KRTB&23025-CAESEH04k5I6e2SoY2AhLI-ElM0; KRTBCOOKIE_391=22924-5821613659031366264&KRTB&23263-5821613659031366264; KRTBCOOKIE_188=3189-ab3e1485-58df-4782-801d-bbcc1d3e9c37-60b6e9a2-4348; KRTBCOOKIE_1235=23226-0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20:$UID; KRTBCOOKIE_218=22978-YLbpogABQ51yOABg&KRTB&23194-YLbpogABQ51yOABg&KRTB&23209-YLbpogABQ51yOABg&KRTB&23244-YLbpogABQ51yOABg; KRTBCOOKIE_466=16530-9afa73fd-a392-4712-8848-229040e385e3; SPugT=1622600099; DPSync3=1623801600%3A219_221_226_227_232_201_197%7C1622678400%3A174; KRTBCOOKIE_594=17105-RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003&KRTB&17107-RX-b1f8f8b2-32d6-456a-aef9-be835b2d9831-003; PugT=1622600100; chkChromeAb67Sec=3; SyncRTB3=1623456000%3A63%7C1623801600%3A71_220_104_5_57_3_54_165_55_166_176_8_56_234_78_222_13_230_231_21_233_22_88_7_204_161_81_99_189%7C1623888000%3A35%7C1623196800%3A223_2_15_67%7C1625184000%3A203%7C1627776000%3A69
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 02:15:00 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 02:15:00 GMT; path=/
x-lat
amspug018:0:384
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Wed, 02 Jun 2021 02:15:01 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5BE016A651534D3C90DB348A637D045E
expires
Tue, 01 Jun 2021 02:15:01 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
i.gif
e.serverbid.com/udb/9969/sync/ Frame 253D 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
e.serverbid.com
:scheme
https
:path
/udb/9969/sync/i.gif?partnerId=4&userId=A6C1A542-D04A-45D4-8DE3-992FC5D9C5D8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Wed, 02 Jun 2021 02:15:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1C70
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=56b9f0c5-c348-11eb-8b8a-6f120b61e297&gdpr=0&gdpr_consent=
1 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=56b9f0c5-c348-11eb-8b8a-6f120b61e297&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:358
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=56b9f0c5-c348-11eb-8b8a-6f120b61e297&gdpr=0&gdpr_consent=
Date
Wed, 02 Jun 2021 02:15:01 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
56b9f0c6-c348-11eb-8b8a-6f120b61e297
tpid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
sync.crwdcntrl.net/map/c=10924/tp=OOLA/ Frame D587 		49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:01 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.77
content-type
image/gif
content-length
49
expires
0
35702
tags.bluekai.com/site/ Frame D587 		62 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/35702?id=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:15:01 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
73ae
Content-Type
image/gif
mw
mwzeom.zeotap.com/ Frame D587 		95 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&gdpr=$0&gdpr_consent=$
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://portal.tds.net
access-control-allow-credentials
true
cf-ray
658d2bea3bb564f1-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a6c19c65f000064f120bdc000000001
sync
odr.mookie1.com/t/v2/ Frame D587 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_866925&src.visitorId=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&gdpr=0&gdpr_consent=
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:01 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm
trc.taboola.com/sg/neustar/1/ Frame D587
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
  • https://d.agkn.com/pixel/10751/?che=1622600101&ip=91.132.136.92&l1=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fneustar%2F1%2Fcm%3Ftaboola_hm%3D164990803805000014977
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164990803805000014977
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164990803805000014977
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
58
pragma
no-cache
date
Wed, 02 Jun 2021 02:15:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1622600103.412657,VS0,VE58
x-served-by
cache-hhn11524-HHN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:03 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164990803805000014977
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
676fea0974db42c997b4e68d01b754e4
i.liadm.com/s/e/64716/0/ Frame D587
Redirect Chain
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&_li_chk=true&previous_uuid=7a49c131ef704c96801f662aede1aa2b
  • https://i.liadm.com/s/64716?bidder_id=88068&bidder_uuid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&previous_uuid=e5cfe9ffada2407fa3156ab1f70df82e
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F64716%2F0%2F676fea0974db42c997b4e68d01b754e4%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&7a49c131-ef70-4c96-801f-662a...
  • https://i.liadm.com/s/e/64716/0/676fea0974db42c997b4e68d01b754e4?mpid=7156&muid=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/64716/0/676fea0974db42c997b4e68d01b754e4?mpid=7156&muid=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.174.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:15:02 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
7e4eb161792e163b
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Wed, 02 Jun 2021 02:15:02 GMT
Server
MT3 3736 915c305 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/64716/0/676fea0974db42c997b4e68d01b754e4?mpid=7156&muid=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Jun 2021 02:15:01 GMT
csync.ashx
ml314.com/ Frame D587
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&gdpr=0&gdpr_consent=&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3619163238529237029
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxOTE2MzIzODUyOTIzNzAyORAAGg0IptPbhQYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=1f6edd9f8f7d2642e4bee2b284171e01b62c449e60ddc92d4cfb3281eb55c520f4cb09cee1a4f8eb&person_id=3619163238529237029&eid=50082
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=1f6edd9f8f7d2642e4bee2b284171e01b62c449e60ddc92d4cfb3281eb55c520f4cb09cee1a4f8eb&person_id=3619163238529237029&eid=50082
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.143.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:15:02 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Wed, 02 Jun 2021 22:15:02 GMT

Redirect headers

date
Wed, 02 Jun 2021 02:15:02 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=1f6edd9f8f7d2642e4bee2b284171e01b62c449e60ddc92d4cfb3281eb55c520f4cb09cee1a4f8eb&person_id=3619163238529237029&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
mw
mwzeom.zeotap.com/ Frame D587 		95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=e2c6eae29fa7814e3159c4fe42ba23df1a56f9a614200468ed1e02342f806a8d&gdpr=$0&gdpr_consent=$
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://portal.tds.net
access-control-allow-credentials
true
cf-ray
658d2bea8bc364f1-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a6c19c695000064f11ca0c000000001
sync
pixel.advertising.com/ups/55973/ Frame D587
Redirect Chain
  • https://pixel.advertising.com/ups/55973/sync?uid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&_origin=1
  • https://pixel.advertising.com/ups/55973/sync?uid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&_origin=1&verify=true
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55973/sync?uid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&_origin=1&verify=true
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:02 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/55973/sync?uid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&_origin=1&verify=true
date
Wed, 02 Jun 2021 02:15:02 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cds.js
cdn.taboola.com/scripts/ Frame D587 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qAC_83v.ruQxT.EBjAF212Y3Xw1cEshk
content-encoding
gzip
etag
"fe3141b1cffc47b284c82d96b098b304"
age
431
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1181
x-amz-id-2
i42wDgzNjIRrbICyL56uZvk6UZlXA/ux6CF8Z618XGeUERc/82YlIPnWpu43Ye2+Lpy0hY5jQx0=
x-served-by
cache-hhn11524-HHN
last-modified
Wed, 10 Mar 2021 13:27:13 GMT
server
AmazonS3
x-timer
S1622600101.483719,VS0,VE0
date
Wed, 02 Jun 2021 02:15:01 GMT
vary
Accept-Encoding
x-amz-request-id
8G72GPESSN3T79N7
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
76
x-cache-hits
1388
panorama.js
cdn.taboola.com/scripts/ Frame D587 		1 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/panorama.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7bfa676c07c88144d9ecdcec09a4ec7afcd0449226bf5fc5063342a16d5f8e3

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CYlu4uGxGteYv0_gS3v6WaXb_4ObQ4ke
content-encoding
gzip
etag
"245ecb1e94189239a899012670435435"
age
6385
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
710
x-amz-id-2
Keq7GFci2tMP3tHahP0FDCRjLhXFPfNb6pxKe8pzDz+soK2NaezjjjTJKCHjtqCIx80T+Voimao=
x-served-by
cache-hhn11524-HHN
last-modified
Sun, 18 Apr 2021 12:53:28 GMT
server
AmazonS3
x-timer
S1622600101.483696,VS0,VE0
date
Wed, 02 Jun 2021 02:15:01 GMT
vary
Accept-Encoding
x-amz-request-id
MN6TRVTXQ5YYKP3G
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
76
x-cache-hits
9645
/
t1.taboola.com/ Frame D587 		2 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t1.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.196 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6cd5b6e51936a442b973660c21553dd22bd72ddc8751132a943475288113b4c0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:04 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t2.taboola.com/ Frame D587 		2 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t2.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.215 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4523540f1504cd17100c4835e85b7eefd49911580f8efff0599a8f283be6b9e3

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:04 GMT
last-modified
Thu, 21 Jan 2021 15:58:53 GMT
server
nginx
etag
"6009a4bd-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t3.taboola.com/ Frame D587 		2 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t3.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.196 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6cd5b6e51936a442b973660c21553dd22bd72ddc8751132a943475288113b4c0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:06 GMT
last-modified
Sun, 24 Jan 2021 15:03:13 GMT
server
nginx
etag
"600d8c31-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t4.taboola.com/ Frame D587 		2 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t4.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.200 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
323783be9a53a31e158ec9600626a4703e99f4e183bc1acb8772cbdf5c3a1ece

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:06 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t5.taboola.com/ Frame D587 		2 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t5.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.206 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
340792a7a42feffabbddc144fe4059013ff8af265ca9c3337933e0b633569367

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:06 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t6.taboola.com/ Frame D587 		2 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t6.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.194 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a953f09a1b6b6725b81956e9ad0b1eb49e3ad40004c04307ef8af6246a054116

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:02 GMT
last-modified
Thu, 21 Jan 2021 15:58:22 GMT
server
nginx
etag
"6009a49e-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t7.taboola.com/ Frame D587 		2 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t7.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.231 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:02 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t8.taboola.com/ Frame D587 		2 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t8.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.205 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
2215f50cb99824ed2786a5d12df72b5dbc304b85f28cd5b873b645cccc3b7411

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:02 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
accept-ranges
bytes
content-length
2
/
pips.taboola.com/ Frame D587 		64 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:01 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-hhn11543-HHN
access-control-allow-methods
GET
access-control-allow-origin
https://portal.tds.net
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
sync.min.js
tags.crwdcntrl.net/lt/c/16011/ Frame D587 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16011/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-23.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea191803c6a42c9e02cda7bacef925236bc56b1d240a3635a0b385d2fd5a1544

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 01 Jun 2021 15:20:09 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 00:15:10 GMT
server
AmazonS3
age
39293
etag
W/"fa2850e98f24ae69909c76d4accf2e3f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0bad7b24b2c9dfacca95c8ce0c8c3706.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
CDG52-P1
x-amz-cf-id
hdH1boF6lP2cZVm2vPFVVx2GYhgWR-jz8wRy9LIET00RrEwwrh196Q==
async_usersync
ib.adnxs.com/ Frame 819F 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:01 GMT
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.232:80
AN-X-Request-Uuid
b10df89b-d7b3-439b-81b1-1044d9ec40ab
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
map
bcp.crwdcntrl.net/6/ Frame D587 		156 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16011/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
aef1c1660add273ece0fc5be73ddad408b9d66300d629248cee12849c0e4a7bd

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:01 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://portal.tds.net
cache-control
no-cache
x-server
10.45.31.27
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
156
expires
0
usync.html
eus.rubiconproject.com/ Frame CBF8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?geo=na&co=us
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/header/13344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://portal.tds.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Jun 2021 02:15:03 GMT
Connection
keep-alive
Vary
Accept-Encoding
us.gif
sync.go.sonobi.com/ Frame A450
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=fd6e432f-738b-4c10-918d-a4dfc612be02&google_hm=ZmQ2ZTQzMmYtNzM4Yi00YzEwLTkxOGQtYTRkZmM2MTJiZTAy
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEH5mdRNKq6Lr48VWFzz2e6g&google_cver=1&ssp=sonobi&bsw_param=fd6e432f-738b-4c10-918d-a4dfc612be02
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=fd6e432f-738b-4c10-918d-a4dfc612be02
49 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=fd6e432f-738b-4c10-918d-a4dfc612be02
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=fd6e432f-738b-4c10-918d-a4dfc612be02
date
Wed, 02 Jun 2021 02:15:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/ Frame A450
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e55fb5d7c2&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e55fb5d7c2&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=3072bbef-0c7d-4f52-b3ea-df4e6cf0fe99&pubid=e55fb5d7c2
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=3072bbef-0c7d-4f52-b3ea-df4e6cf0fe99&pubid=e55fb5d7c2
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=3072bbef-0c7d-4f52-b3ea-df4e6cf0fe99&pubid=e55fb5d7c2
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
us.gif
sync.go.sonobi.com/ Frame A450
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 02 Jun 2021 02:15:02 GMT
Server
MT3 3736 915c305 master zrh-pixel-x10
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Jun 2021 02:15:01 GMT
rtset
bh.contextweb.com/bh/ Frame A450
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=45cac1a0-b7c2-4098-9a69-ea8777ce823b&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RUE4RUpaWjdsekI3cWZwMjhYMGJzUQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEBBRFlEYrdqli_3kAwSiRXs&google_cver=1
49 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEBBRFlEYrdqli_3kAwSiRXs&google_cver=1
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-555c8fd69d-h2lrt
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEBBRFlEYrdqli_3kAwSiRXs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame A450
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2159827871343425741
49 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2159827871343425741
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2159827871343425741
Date
Wed, 02 Jun 2021 02:15:05 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame A450
Redirect Chain
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4080417817
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4080417817
  • https://sync.1rx.io/usersync/tradedesk/150f4117-e7ed-45c6-884e-7c89ec0ed7aa
  • https://sync.targeting.unrulymedia.com/csync/RX-8ed583cc-0341-4ce5-bfba-e25e9d77212e-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-8ed583cc-0341-4ce5-bfba-e25...
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-8ed583cc-0341-4ce5-bfba-e25e9d77212e-003
49 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-8ed583cc-0341-4ce5-bfba-e25e9d77212e-003
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-8ed583cc-0341-4ce5-bfba-e25e9d77212e-003
date
Wed, 02 Jun 2021 02:15:02 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX8ed583cc03414ce5bfbae25e9d77212e003
content-type
text/html
usg.gif
sync.go.sonobi.com/ Frame A450
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NDVjYWMxYTAtYjdjMi00MDk4LTlhNjktZWE4Nzc3Y2U4MjNi
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=NDVjYWMxYTAtYjdjMi00MDk4LTlhNjktZWE4Nzc3Y2U4MjNi&google_tc=
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEPSlkLtcq9Zrtonkvlxks58&google_cver=1
49 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEPSlkLtcq9Zrtonkvlxks58&google_cver=1
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEPSlkLtcq9Zrtonkvlxks58&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame BAB0 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ad780d991478fe5c06bc85754480e4ecab30ac41f85f5e3bb9df5ffd24464b2c

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:15:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 19:07:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26245
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9270
Expires
Wed, 02 Jun 2021 09:32:28 GMT
usync.js
eus.rubiconproject.com/ Frame CBF8 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?geo=na&co=us
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ad780d991478fe5c06bc85754480e4ecab30ac41f85f5e3bb9df5ffd24464b2c

Request headers

Referer
https://eus.rubiconproject.com/usync.html?geo=na&co=us
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:15:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 19:07:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26245
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9270
Expires
Wed, 02 Jun 2021 09:32:28 GMT
khaos.jpg
token.rubiconproject.com/ Frame BAB0 		284 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
i.gif
e.serverbid.com/udb/9969/sync/ Frame BAB0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KPEU7GIK-1Q-CM4
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KPEU7GIK-1Q-CM4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:04 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KPEU7GIK-1Q-CM4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
v1
ads.yahoo.com/cms/ Frame BAB0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPEU7GIK-1Q-CM4&sigv=1&esig=2~1bbf4f63fc8f76c09fb3451d24f97fc20129c6a4
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPEU7GIK-1Q-CM4&sigv=1&esig=2~1bbf4f63fc8f76c09fb3451d24f97fc20129c6a4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:03 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPEU7GIK-1Q-CM4&sigv=1&esig=2~1bbf4f63fc8f76c09fb3451d24f97fc20129c6a4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame BAB0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame BAB0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

Date
Wed, 02 Jun 2021 02:15:03 GMT
Server
MT3 3736 915c305 master zrh-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae4b60b6-e9a5-4600-84f4-d77c030bd2f2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Jun 2021 02:15:02 GMT
tap.php
pixel.rubiconproject.com/ Frame BAB0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wB8fL3AiyFqoe7_Sd7KrQg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5301250555939441799
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5301250555939441799
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Wed, 02 Jun 2021 02:15:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5301250555939441799
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BAB0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFlYTBhODllODQwMWJlYzA4NWUwM2ZhMWRmNTA0MTNhMzdlOGVkZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFlYTBhODllODQwMWJlYzA4NWUwM2ZhMWRmNTA0MTNhMzdlOGVkZg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFlYTBhODllODQwMWJlYzA4NWUwM2ZhMWRmNTA0MTNhMzdlOGVkZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BAB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECDLaAZE8A3m0SzRUrsal5M&google_cver=1
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECDLaAZE8A3m0SzRUrsal5M&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECDLaAZE8A3m0SzRUrsal5M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BAB0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BFVTdHSUstMVEtQ000
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BFVTdHSUstMVEtQ000
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BFVTdHSUstMVEtQ000
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BAB0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YLbppwABRAGwgQBg
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLbppwABRAGwgQBg&_test=YLbppwABRAGwgQBg
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLbppwABRAGwgQBg&_test=YLbppwABRAGwgQBg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1622600104.504761,VS0,VE0
x-served-by
cache-fra19144-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLbppwABRAGwgQBg&_test=YLbppwABRAGwgQBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F0E9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0b52a6098cca00cbcb4ae237655a5273bfc955af093cb5a7395fb82ae6d145f3

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YLbpp-wQIopIzEfzSs-3PwAA; CMPS=5208
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|45|230|64|218|81|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1675
Expires
Wed, 02 Jun 2021 02:15:03 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:03 GMT
Connection
keep-alive
Set-Cookie
CMID=YLbpp-wQIopIzEfzSs-3PwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 02:15:03 GMT CMPS=5208;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 02:15:03 GMT CMPRO=1171;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 02:15:03 GMT CMST=YLbpp2C26acA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Jun 2021 02:15:03 GMT CMRUM3=4060b6e9a705a0&da60b6e9a72760&f160b6e9a705a0&2760b6e9a70b40&5160b6e9a705a0&2d60b6e9a705a0&c460b6e9a705a0&e660b6e9a72760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 02:15:03 GMT

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 02 Jun 2021 02:15:03 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:03 GMT
Connection
keep-alive
Set-Cookie
CMID=YLbpp-wQIopIzEfzSs-3PwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 02:15:03 GMT CMPS=5208;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 02:15:03 GMT
casale
match.adsrvr.org/track/cmf/ Frame F0E9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLbpp-wQIopIzEfzSs-3PwAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame F0E9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLbpp_wQIopIzEfzSs_3PwAABJMAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLbpp_wQIopIzEfzSs_3PwAABJMAAAIB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLbpp_wQIopIzEfzSs_3PwAABJMAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:03 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:03 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLbpp_wQIopIzEfzSs_3PwAABJMAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F0E9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLbpp-wQIopIzEfzSs-3PwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJpuzeCHDnK52q_Bq6-3Hos&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJpuzeCHDnK52q_Bq6-3Hos&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 02:15:04 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJpuzeCHDnK52q_Bq6-3Hos&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame F0E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLbpp_wQIopIzEfzSs_3PwAABJMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKYxU58RadPEtCLHAXEg4rM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKYxU58RadPEtCLHAXEg4rM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 02 Jun 2021 02:15:03 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKYxU58RadPEtCLHAXEg4rM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F0E9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_i...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348&expiration=1625192103
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348&expiration=1625192103
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 02:15:04 GMT

Redirect headers

date
Wed, 02 Jun 2021 02:15:03 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8a882924-5145-4931-92dc-b1e5379c1293-60b6e9a7-4348&expiration=1625192103
alt-svc
clear
content-length
0
demconf.jpg
dpm.demdex.net/ Frame F0E9
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YLbpp-wQIopIzEfzSs-3PwAA%261171?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YLbpp-wQIopIzEfzSs-3PwAA%261171
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YLbpp-wQIopIzEfzSs-3PwAA%261171
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.113.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-113-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v008-03a66cb5a.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
+qjn1f3CT+8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v008-0e550184e.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
H3Wj2w71SX0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YLbpp-wQIopIzEfzSs-3PwAA%261171
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame F0E9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=jWGig95ooYKWM_bW2TTtg4Iz-YWWN_XTjWDe0OvS
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=jWGig95ooYKWM_bW2TTtg4Iz-YWWN_XTjWDe0OvS
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 02:15:04 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=jWGig95ooYKWM_bW2TTtg4Iz-YWWN_XTjWDe0OvS
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F0E9
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030002_60b6e9a8c82fd&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60b6e9a8c82fd
43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60b6e9a8c82fd
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 02:15:04 GMT

Redirect headers

date
Wed, 02 Jun 2021 02:15:04 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60b6e9a8c82fd
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F0E9 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YLbpp-wQIopIzEfzSs-3PwAA%261171
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://portal.tds.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:15:03 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=603
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 02:25:06 GMT
track.gif
portal.tds.net/images/track/ 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.tds.net/images/track/track.gif?action=impression&cubecomponent=HomePage.Dcc.Card&contentarea=dcc&contenttext=Republican%20Congresswoman%20Opens%20Up%20About%20%27Very%20Scary%27%20Memorial%20Day&contentsource=The%20Associated%20Press&contentid=the_associated_press-us_rep_mace_vandalism_at_south_carolina_home_very-ap&contenttype=article&contentsecondaryposition=1&pagescrollyposition=0&ts=1622600106044
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.222 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.tds.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.tds.net/
Connection
keep-alive
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:15:06 GMT
Via
1.1 varnish
Last-Modified
Wed, 02 Jun 2010 18:24:58 GMT
Server
nginx
Age
0
ETag
"2b-488103510f280"
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
X-Varnish
145533292
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
/
vam-image.media.syn-cdn.com/42/3b/423b64a1081b736091228e51c9c51b8b679f54fb/w=732,h=411,crop=focus/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vam-image.media.syn-cdn.com/42/3b/423b64a1081b736091228e51c9c51b8b679f54fb/w=732,h=411,crop=focus/?app=portal&sig=2b95d8eca575c597fc56cb2f9ed3ed3b0a92f1cb14de96a5afbf47f8fd1ba277
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C53) /
Resource Hash
08d47555b0618688ebb5e37dd8aeb757b74066d88b7fb94173963bb64d309ff9

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:06 GMT
last-modified
Tue, 01 Jun 2021 13:05:35 GMT
server
ECAcc (mil/6C53)
age
47372
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
max-age=365000000, immutable
accept-ranges
bytes
content-type
image/jpeg
content-length
35357
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&dnid=041704080e02270d&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 02 Jun 2021 02:15:07 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
cds.taboola.com/ Frame D587 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=0b8d078e-f861-4628-bb79-a294de0e5367-tuct7b06f20&dnid=041704080e02270d&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 02 Jun 2021 02:15:07 GMT
Cache-Control
no-store
Server
nginx
Connection
close
adserv_93196.js
adtag.technoratimedia.com/ 		2 KB
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://adtag.technoratimedia.com/adserv_93196.js?ad_size=501x375&pub_code=%2F1%2Fsyn.tds%2F93196&seat=autoplay&disp=referrer&referrer=https%3A%2F%2Fportal.tds.net%2F&tcb=0.17728793360240758
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
bef35c7052149b53c867e3789bdaf7a46d56b39fd41c9cabfb8e4d8773df6c20

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
https://portal.tds.net
access-control-allow-credentials
true
x-varnish
980287618
accept-ranges
bytes
content-length
1003
via
1.1 varnish
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
729ec7ac109c4e93cf22a138a0d96c050902bb9565b3c271e1efd6f48e6bd562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7673
x-xss-protection
0
npm.core-js.bdfadd6a.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.core-js.bdfadd6a.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C81) /
Resource Hash
d23315dd9b05fa45de16411e0a89aa0102fa793a3f14089ab76354d634238520

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161877
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
35118
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C81)
etag
"19fd1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260097516 259997664
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:48:48 GMT
npm.babel.runtime.384d0496.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.babel.runtime.384d0496.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C4F) /
Resource Hash
9ed5cad40a12c15b161c8801b7c29a8d9a279b45c5d926071994d60301e2bd55

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
24736206
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1562
access-control-allow-origin
*
last-modified
Wed, 19 Aug 2020 18:18:55 GMT
server
ECAcc (mil/6C4F)
etag
"1106-5ad3f095a21c0"
vary
Accept-Encoding
x-varnish
336200841 333789426
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 01 Jun 2022 22:57:58 GMT
main~safeframe.d0680278.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/main~safeframe.d0680278.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C9E) /
Resource Hash
cd060d75cf69e51cdec269dddff5cec5c6b3e85733d3a748e8debd5bb227ce00

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161754
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4770
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C9E)
etag
"3650-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709656872 708141255
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:51 GMT
npm.base64-js.82b3c51c.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		1 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.base64-js.82b3c51c.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C6F) /
Resource Hash
06c2cd271841d970111ce4bdf05baf71f829e76d9a44fdb35ced1a94e1a6fb15

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411855
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
781
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C6F)
etag
"5c0-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040790681 1040370297
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:04:41 GMT
npm.buffer.c24ca057.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.buffer.c24ca057.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC8) /
Resource Hash
6bc2b8fea24fa1c8b174c7129eb2061dd61cb439252efcf3350a418ff38721dd

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161877
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5914
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CC8)
etag
"4dc5-5c2b015d70900"
vary
Accept-Encoding
x-varnish
752442628 752688782
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:48:48 GMT
npm.events.db12d2bd.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.events.db12d2bd.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C44) /
Resource Hash
3f12679987ae742b0faeef7f9453165cac5765bed785b21e6c1e73d3e4425418

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161733
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1869
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C44)
etag
"155e-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260097518 259930891
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:51:12 GMT
npm.jsonpath.ece13fb3.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.jsonpath.ece13fb3.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C73) /
Resource Hash
fc2ba5a4908fe6e3aa05ceb8322abd0ea66bec325030f9a5f20314d79783d371

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161868
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
26575
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C73)
etag
"14700-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709503650 708960989
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:48:56 GMT
npm.stream-browserify.f3f44d3a.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.stream-browserify.f3f44d3a.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C3D) /
Resource Hash
46b5efe32423049467d41586b84962af93f154b542ca4e34ea0216ea7747f186

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161743
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7246
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C3D)
etag
"60b1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
752442630 752690568
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:51:02 GMT
npm.string_decoder.34d1b1e2.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.string_decoder.34d1b1e2.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C1A) /
Resource Hash
a16e154e8fb61d9a8cc79561fb5b26e52a933eff04cd4fc4243c9bc2cfae3395

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161868
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1394
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C1A)
etag
"1165-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260070381 259750739
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:48:56 GMT
npm.synacor.url-match-list.d838eb65.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		2 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.synacor.url-match-list.d838eb65.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C91) /
Resource Hash
8e96e9d7df556a11efe5b1bf18d0c26b09e3e1127496b9a1e3648b201e298437

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161877
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
866
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C91)
etag
"887-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709656876 708960734
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:48:48 GMT
npm.webpack.78d57302.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		518 B
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.webpack.78d57302.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CB3) /
Resource Hash
70411b01aa4b80cce652bfe8bdcadd4d72010c503df66bd60d1466a10304cc36

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161895
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
290
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CB3)
etag
"206-5c2b015d70900"
vary
Accept-Encoding
x-varnish
594383676 593557075
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:48:30 GMT
runtime.05862902.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/runtime.05862902.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C30) /
Resource Hash
a4015a75b1f97f18d57dea009a00586285d8803f25843d941eb7de10f624f017

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161868
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1496
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C30)
etag
"b44-5c2b015d70900"
vary
Accept-Encoding
x-varnish
752863250 752783041
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:48:56 GMT
url_lists.3d3dc40d.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/url_lists.3d3dc40d.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C59) /
Resource Hash
eae0c4f02c7657b2146853859f2e2bd9030a618eed96b8236a9e821d9746a8e7

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161876
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
3066
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C59)
etag
"214f-5c2b015d70900"
vary
Accept-Encoding
x-varnish
357222227 259929309
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 25 May 2022 14:58:23 GMT
main.9c542206.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		176 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/main.9c542206.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C60) /
Resource Hash
b36f15332e87ca364fd9e9400ae13d00b85c8d7f1c284047cda7e509d920394e

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161839
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
48489
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:19 GMT
server
ECAcc (mil/6C60)
etag
"2c1e9-5c2b015c7c6c0"
vary
Accept-Encoding
x-varnish
709656880 709268624
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:49:25 GMT
npm.asn1.js.6f553d4c.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.asn1.js.6f553d4c.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C75) /
Resource Hash
be7759cbab7e32fdeb8c48657500073ba211724abfc2da6845064ca229dfc69d

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161735
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7216
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C75)
etag
"5c7a-5c2b015d70900"
vary
Accept-Encoding
x-varnish
752442632 752416238
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:51:10 GMT
npm.bn.js.d562b1e3.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.bn.js.d562b1e3.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C48) /
Resource Hash
16ecca79afaa9ff085d1e94da5633727316f4eb058e4b484423a58db6f10767b

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161754
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
11253
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C48)
etag
"a851-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260070385 259930584
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:51 GMT
npm.bowser.bd648522.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.bowser.bd648522.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C37) /
Resource Hash
1165bead2354eab83a4d6883fc2144fca8870a4d2454b4a5aa24e7e4a9239540

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161839
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5736
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C37)
etag
"64e2-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709595789 709058091
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:49:26 GMT
npm.brorand.7e675032.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		967 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.brorand.7e675032.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C28) /
Resource Hash
f52e9002abc398d96cb4903116e78cbb295184cdc9749851ac7f1923e8e9c0a2

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161727
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
417
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C28)
etag
"3c7-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260169582 260243826
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:51:17 GMT
npm.browserify-aes.2e2733b8.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.browserify-aes.2e2733b8.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CCE) /
Resource Hash
85ff3f678e3f69d8cbb242f02666cb4bff9b944e72b44322dad7cfae320ffa96

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161894
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4239
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CCE)
etag
"3b64-5c2b015d70900"
vary
Accept-Encoding
x-varnish
826602249 699082681
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 23 May 2022 11:30:28 GMT
npm.browserify-cipher.6ee32eed.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		1 KB
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.browserify-cipher.6ee32eed.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CB6) /
Resource Hash
9004d4ff1ed09b144291fcf6fcaa0957a370976bf762fe634100f297effc9e9f

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161839
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
400
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CB6)
etag
"422-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709595793 709268658
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:49:26 GMT
npm.browserify-des.062e6d6a.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		988 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.browserify-des.062e6d6a.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C65) /
Resource Hash
71335c1634c214fcc859f2a029ac59c9d9e355c3523e5993b04b6cb8465a454d

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161877
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
488
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C65)
etag
"3dc-5c2b015d70900"
vary
Accept-Encoding
x-varnish
374123969 259997667
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 24 May 2022 10:36:53 GMT
npm.browserify-rsa.aec77900.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		855 B
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.browserify-rsa.aec77900.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C3D) /
Resource Hash
7e532c6667b369f30bf9705a22be3a86eaa889e73c0e21f024b37ad0d15fcc6a

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161839
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
448
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C3D)
etag
"357-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260097526 259686319
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:49:26 GMT
npm.browserify-sign.13357932.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.browserify-sign.13357932.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C91) /
Resource Hash
d73a9ef42ce935d5eec29ddae519788aaa5512d7f6ad0480a5211b6ae458fa04

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161735
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2307
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C91)
etag
"1cfc-5c2b015d70900"
vary
Accept-Encoding
x-varnish
752442636 750764777
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:51:10 GMT
npm.buffer-xor.7c3c21fa.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		236 B
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.buffer-xor.7c3c21fa.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC8) /
Resource Hash
9d0b80262a33fa48a31314eed0bdbf568eb904f9df1a3a55d7036fca1d034935

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411765
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
191
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6CC8)
etag
"ec-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040637794 1040779273
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:06:13 GMT
npm.cipher-base.61db8c09.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		1 KB
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.cipher-base.61db8c09.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C73) /
Resource Hash
188ea392d7637a2dbda8795724e0057b7417720204d19de055dddd0d0e41c9cf

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
6855461
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
572
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (mil/6C73)
etag
"5a4-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
806214387 799430843
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 20 Mar 2022 17:25:18 GMT
npm.core-util-is.6e36799f.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		1 KB
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.core-util-is.6e36799f.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5E) /
Resource Hash
9be504714f84fa58f25b9cad34552bc6d43bf33d35bc109780ab7bb566df9050

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411854
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
384
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C5E)
etag
"414-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041478564 1041130625
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:04:41 GMT
npm.create-ecdh.d4d5598f.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		2 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.create-ecdh.d4d5598f.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BA4) /
Resource Hash
22b4bf26b9c79e0b28e89503a4de4f9153994acdf351d89fc46e3700b5fa7d7b

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
7365478
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
725
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (mil/6BA4)
etag
"6be-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
358707444 206538351
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 14 Mar 2022 16:25:39 GMT
npm.create-hash.edd640e8.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		535 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.create-hash.edd640e8.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C56) /
Resource Hash
5f4f403543b0ab8398be19a68bd906e5b862f4bf3e1372798c0c84336075874f

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411764
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
317
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C56)
etag
"217-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040694306 1040567637
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:03:40 GMT
npm.create-hmac.b29c5277.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		1 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.create-hmac.b29c5277.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC1) /
Resource Hash
339c6d769d8833c8d3012bd23e090f24d3419ea4d4b69855012e9c3271e38ffe

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411582
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
623
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6CC1)
etag
"5ce-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1002680889 1002675340
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:15 GMT
npm.crypto-browserify.77f1b6fd.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		2 KB
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.crypto-browserify.77f1b6fd.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C18) /
Resource Hash
b5683bbd63409ac9da7ca876364fd5e0e88b53adaa98b7c95fe2ce448a217ac5

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411558
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
819
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C18)
etag
"736-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040010965 1039714064
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:40 GMT
npm.crypto-js.7b2ba548.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.crypto-js.7b2ba548.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC6) /
Resource Hash
0eade3746f17e9891967eae7c851822b3214419a56edf6d6498da2370da23e54

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411855
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2212
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6CC6)
etag
"145d-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041295247 1040761491
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:04:43 GMT
npm.des.js.2749b0be.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.des.js.2749b0be.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C80) /
Resource Hash
5056009a1b1450ba53675a5f438be1bdbd585db9468d2d81f50882b2c659ed07

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411612
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2837
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C80)
etag
"2151-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1039363223 1040747193
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:08:45 GMT
npm.diffie-hellman.9bfb052f.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.diffie-hellman.9bfb052f.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C0C) /
Resource Hash
f37dfeeefda3f99d6663c824de1584be0b34e27f999a6f9b72e4409635ce41bc

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411855
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2991
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C0C)
etag
"29ae-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040011139 1039913875
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:04:41 GMT
npm.elliptic.441f367a.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		70 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.elliptic.441f367a.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA7) /
Resource Hash
7bba5809de9c8728b7d8e1f5101224631eb8edf716028eb7d511de3f2374d817

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
7102394
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
30574
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (mil/6CA7)
etag
"11601-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
752863260 796870192
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 25 Mar 2022 07:40:11 GMT
npm.evp_bytestokey.d6c6af2a.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		633 B
519 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.evp_bytestokey.d6c6af2a.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C8F) /
Resource Hash
c837b1dfaf16175200c1abbb9a3eda039b3d1543d5866ae1eaa41eeee71b4251

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
7365403
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
399
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (mil/6C8F)
etag
"279-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
849409926 602213995
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 11 Mar 2022 14:18:06 GMT
npm.hash-base.424bbef4.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		2 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.hash-base.424bbef4.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C2F) /
Resource Hash
1ecd62b677c9161fb94bd27207b10c8ee14483730c0d06747662042ff0ced983

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411764
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
847
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C2F)
etag
"8d5-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041634243 1040762012
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:03:39 GMT
npm.hash.js.baac61da.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.hash.js.baac61da.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C31) /
Resource Hash
3b481d1a93f3dff7a490e5ddadc9cd6f3d71fdafbe446d368f9948be01353692

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411586
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5754
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C31)
etag
"3ed5-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041261717 1041071337
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:06:37 GMT
npm.hmac-drbg.dfba8bc6.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.hmac-drbg.dfba8bc6.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA7) /
Resource Hash
0da8990b2deaff73fd3a28b59f8afaf9a141cfc792f6700e3d4c9dcb4195d791

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411586
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
721
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6CA7)
etag
"71d-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041353822 1041287211
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:09 GMT
npm.ieee754.b56c57d9.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		948 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.ieee754.b56c57d9.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5E) /
Resource Hash
d7ff38ea460ae85369bd6b231f50383eb1a78dda3d1bacaa0f04282f68dc6a8f

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411763
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
537
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C5E)
etag
"3b4-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041478395 1040762024
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:06:14 GMT
npm.inherits.780b8ce2.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		390 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.inherits.780b8ce2.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C6B) /
Resource Hash
2bc87158139e11011129ae8bf843e030481ea97f9ce45797067bfc20880860a4

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411587
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
234
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C6B)
etag
"186-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040465161 1040876726
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:11 GMT
npm.isarray.0fdcbbd5.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		171 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.isarray.0fdcbbd5.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C19) /
Resource Hash
4bb20c4898a27a3a52e6cb8f21cdddead8255a279e5c490e5aa82e0189581dd8

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411581
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
152
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C19)
etag
"ab-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040820333 1040345771
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:14 GMT
npm.md5.js.556fb13a.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.md5.js.556fb13a.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CD9) /
Resource Hash
f282abe4ca6b9f4326859008e162ea0f9ed268872de724a14f5135a2fe8ad6b8

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411611
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1296
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6CD9)
etag
"cc2-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040755968 1040747196
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:06:11 GMT
npm.miller-rabin.77bc08a4.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		1 KB
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.miller-rabin.77bc08a4.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA8) /
Resource Hash
f09d1406692657e3a2651e0f7f46fac3f3d3ecdb7f5061d2edbaed1600db0622

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411615
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
593
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6CA8)
etag
"52f-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040790647 1040660143
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:08:41 GMT
npm.minimalistic-assert.2c8db5a9.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		239 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.minimalistic-assert.2c8db5a9.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C8E) /
Resource Hash
c60d1063c74ade5dacbd166ae119e9d688db02715841e21ae826b9d62564ebe2

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411763
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
172
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C8E)
etag
"ef-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040263804 1040135831
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:06:14 GMT
npm.minimalistic-crypto-utils.444b30c4.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		675 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.minimalistic-crypto-utils.444b30c4.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA4) /
Resource Hash
31a97591328133bb55503ae04ccaaa5a65385d77a13dce3b67d2e4bf601bc1ca

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
7369787
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
416
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (mil/6CA4)
etag
"2a3-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
708595961 562797158
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 13 Mar 2022 12:46:08 GMT
npm.parse-asn1.e151f65d.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.parse-asn1.e151f65d.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C78) /
Resource Hash
99762b0fe5da9809648a083071dcf3cde2776217ee4bde215976d6ee2cb25bcc

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411611
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2138
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C78)
etag
"1d13-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040263741 1039712624
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:08:47 GMT
npm.pbkdf2.85be0737.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.pbkdf2.85be0737.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C2F) /
Resource Hash
82620a235ce91107a5c9dc947947a0b36f5646d951b072653bfd23929388a30a

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411854
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1488
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C2F)
etag
"d44-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041101350 1041130668
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:04:43 GMT
npm.process.1fc92b91.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		2 KB
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.process.1fc92b91.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C76) /
Resource Hash
2d8f51299915ddd7c603568a0bb9f09e51131dc8ef68adab932f541bff05b24e

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411581
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
741
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C76)
etag
"6cf-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041295262 1041170144
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:15 GMT
npm.process-nextick-args.cd8ecdea.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		743 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.process-nextick-args.cd8ecdea.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CBC) /
Resource Hash
2e1138781e8e7bbfbd486a9b43ad0a5179db2fbd5a14ce5cdf65276f8346bfe9

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411580
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
389
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6CBC)
etag
"2e7-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1039823780 1040392484
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:19 GMT
npm.public-encrypt.ed3dbb13.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.public-encrypt.ed3dbb13.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C54) /
Resource Hash
55cd050874e30e1598e9f18f7e5eca36ba29c683f5f7bbadfb66a1116e28ccf5

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411577
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1230
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C54)
etag
"c07-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040363263 1040166299
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:06:53 GMT
npm.randombytes.ae5c5ce7.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		666 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.randombytes.ae5c5ce7.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CBF) /
Resource Hash
e0df112ab3c2afb89895e654c8678a8302d0a833061f9d0bc412af6fc77ebc2c

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411615
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
439
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6CBF)
etag
"29a-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041353756 1041070342
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:08:41 GMT
npm.randomfill.9244f3ce.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		2 KB
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.randomfill.9244f3ce.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C25) /
Resource Hash
e37c205e491eb6ddb7cac766424efebf45f052f983117549cc204d026a01e68f

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411563
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
728
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C25)
etag
"6ab-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040300697 1040230790
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:35 GMT
npm.readable-stream.e129657a.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.readable-stream.e129657a.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C6B) /
Resource Hash
ef852aeb7f2795abec2dea2a79492ad843579c0ff531d68c47d6ec5ab58cd19b

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411578
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
10052
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C6B)
etag
"8643-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040010839 1040107709
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:20 GMT
npm.ripemd160.2025db64.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.ripemd160.2025db64.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CCE) /
Resource Hash
09d33b8bf2b197f37094de12f70fbebf519aaa660cc5cfdec3f209c3897723cb

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411577
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1170
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6CCE)
etag
"afc-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041295327 1041071879
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:19 GMT
npm.safe-buffer.2890a42e.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		802 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.safe-buffer.2890a42e.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C64) /
Resource Hash
41e3d1818f931c982205673dcef9839c8970acc2f5528abe4fc86aece04ad647

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411576
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
343
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C64)
etag
"322-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041334098 1041346673
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:06:48 GMT
npm.setimmediate.8aabc28a.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		2 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.setimmediate.8aabc28a.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C1C) /
Resource Hash
693983f446da22ec169ea1cda8e439bdb59297e211af86071e3dddaad1470a28

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411582
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
878
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C1C)
etag
"6d1-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041478428 1041170141
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:16 GMT
npm.sha.js.adcf856b.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.sha.js.adcf856b.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CD2) /
Resource Hash
bc5659878681c2cfd30d8d38093f1c48f76da8b9dad30d9e1341a8f0febedc98

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
6647693
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4043
access-control-allow-origin
*
last-modified
Mon, 01 Mar 2021 15:58:41 GMT
server
ECAcc (mil/6CD2)
etag
"2c70-5bc7bb10d6e40"
vary
Accept-Encoding
x-varnish
849971699 885610139
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 23 Mar 2022 03:08:06 GMT
npm.timers-browserify.458e8aae.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		1 KB
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.timers-browserify.458e8aae.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C3B) /
Resource Hash
aee2dcedf551a2364801daf1384f60ea73d0a6a3ecdb21fbe138c9971e76ae66

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411577
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
442
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C3B)
etag
"475-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041353769 1041136552
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:20 GMT
npm.util-deprecate.1d4ec36e.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		482 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.util-deprecate.1d4ec36e.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C96) /
Resource Hash
caaee24e77e651e2ab22df93ca029110656a63d4cf16aeeedd468e6cb4c5f3af

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411854
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
303
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C96)
etag
"1e2-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040014661 1039913940
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:02:13 GMT
npm.vm-browserify.1fa065ad.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.vm-browserify.1fa065ad.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/static_include.js?width=501&height=375&contango_tag_path=79073&adunit=/1/syn.tds/93196&pub_id=81311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C34) /
Resource Hash
00bc27952ca428c59c06d9766803b6b634190f9df1f3f97087f83d765e36ed19

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411762
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
985
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C34)
etag
"957-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1039363176 1040684544
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:06:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 02 Jun 2021 02:15:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4C56 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://portal.tds.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 01 Jun 2021 21:32:14 GMT
expires
Wed, 01 Jun 2022 21:32:14 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16974
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2ECC 		783 B
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
23bd05fa04ea98369b3e4108ccc093d379d314150ca3a00b113f8eda78fadfdd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AJxy7j/cBMNqyy6qcSed8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://portal.tds.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

expires
Wed, 02 Jun 2021 02:15:08 GMT
date
Wed, 02 Jun 2021 02:15:08 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AJxy7j/cBMNqyy6qcSed8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame 4C56 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
7409
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
expires
Thu, 02 Jun 2022 00:11:39 GMT
npm.css-loader.fcfdedff.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		1 KB
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/npm.css-loader.fcfdedff.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/runtime.05862902.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC8) /
Resource Hash
05d15b90d5d0083b16e9b9917566fc391a5d2822551f3047d0abedeb4b53ec62

Request headers

Origin
https://portal.tds.net
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411576
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
688
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6CC8)
etag
"4de-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1040790709 1040588962
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:09:18 GMT
default_css.0e4981f7.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/default_css.0e4981f7.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/runtime.05862902.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C6B) /
Resource Hash
034ef92f58ef6d441066f15a2514f3dd65bab5b42ba776c1d071bd773f1fd45f

Request headers

Origin
https://portal.tds.net
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
1161873
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
2647
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:19 GMT
server
ECAcc (mil/6C6B)
etag
"32db-5c2b015c7c6c0"
vary
Accept-Encoding
x-varnish
260323438 260060037
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:48:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=152741476650782&bg=!GhmlGV3NAAaMan2LjGo7ACkAdvg8WsiTYtE8r-x-1iiOnxjFVPaEtw-_1-VSalrCRV4nRvWMPEvMEgIAAAC4UgAAAB9oAQeZAlHAt3o6n9Mz8kC1KlX85C-5MHZbBoTEKzGfoZ7j4uu65DVuqCvtgfojZu6koWChJ3XmN-yb5p-MHgQro5gQzc48PpGmYuQ0LWKZVO2SoZZ6fMCdTlmKUMLZ97NdZMrRaoSI083Z-8VCZmJuZaZWpTs1oZY0QxVQ9md7jhKKShZvU8D4bgnefl8MSa_77Z11vKnD6B8pcSKjtbhdvVhmqgy_tROhfft2VZKeCGcLWaJAnigguXrJlspz8rxrfxm-5FCMn_8MGoepA5lTQ28o5eS6DpTl1V3vDDrykU0HHe3BYUp4ykV2bakw-P7EC4iNHMU78iMfAtYRWiRTedkncPjJssE1cF5aKq9Hjvq_m_kjoiZ62rVFKzR0B8RW51j0b9CMGdQKhxZan0s4ibQQDB0UQ46DTQ1jYCht2BAoRB9Wo6WmfMuX-2EuVzeI1M17fdZOBSJj8JAF3E3ZCWP5uNoPsyS7XqTgjbLPX1UqprdG4r1Nrb4hUKUTTlDvP888pVWaeev_PYdZsvnnGriGcYYUI-W5UmHyvAukyjxClgJvT9Q3ST_xQKA7snlynqXnREAZjwDP8EDPtqxSfSLGXpK4Hu5CtXDrUgxgmX4NUPd1WVjv35RuH7eLdIJRmYid_B2ZyPuQnkAhcaolTZRZI_YBL50OuZaXIrfdNyk2GzjZjAvHP5Mps7a_24SvxSMQAM7zEg5DzZIkZNnDbispIqD5vwCt3K9YP-LnBO_a7LbiNRIAt1UsBpdDGUDR3-wj2jqK8_iVWi601uyRFJEblQ7xzQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
portal.a2e877d8.bundle.js
engage.media.syn-cdn.com/dist/ Frame 0F14 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/portal.a2e877d8.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/runtime.05862902.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7B) /
Resource Hash
fe9f77fdd8b2d5a727ebf5b713902b83297240acdfedfe7fd997ab3712a429c0

Request headers

Origin
https://portal.tds.net
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
8411607
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
3537
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C7B)
etag
"28c1-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041501648 1041469894
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:08:46 GMT
url-list.js
engage.media.syn-cdn.com/ Frame 0F14 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/url-list.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/url_lists.3d3dc40d.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
1d6c771d5a031898c49a43f646165414ca6cea0d2c24bbed59a3828d8641c0fe

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:08 GMT
content-encoding
gzip
age
502
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1990
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:19 GMT
server
nginx
etag
"168d-5c2b015c7c6c0"
vary
Accept-Encoding
x-varnish
177091280 176422557
via
1.1 varnish
cache-control
public, max-age=900, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 02 Jun 2021 02:21:46 GMT
93196.json
reflex-engage.media.syn-cdn.com/v/1/syn.tds/ Frame 0F14 		46 B
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://reflex-engage.media.syn-cdn.com/v/1/syn.tds/93196.json
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/main.9c542206.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
781b37d2e918497f4d083a80653aeb92d9219ef9636d4153bfa85881da91d0f0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
last-modified
Wed, 02 Jun 2021 01:56:55 GMT
server
AmazonS3
x-amz-request-id
DKGAKVWER30APQT1
etag
"af4e117836f6aa6dfe4f5b87855ffbc9"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=900, immutable
accept-ranges
bytes
content-length
46
x-amz-id-2
r3ZYZWtNegmL/o8uRZ0c3ScPNTb40zipfaf6mNYbpFJUTrmxHlSsex4t81mdcbi+fq6MxOAW1rY=
index.d0be6d8.html
engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/ Frame 6A80 		213 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/main.9c542206.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C75) /
Resource Hash
37aa2c2e614dea8465538ebf32d2c9ac3c7b1f79dc72a2c64a1352a6e65f5ecd

Request headers

:method
GET
:authority
engage.media.syn-cdn.com
:scheme
https
:path
/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://portal.tds.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
1161754
cache-control
public, max-age=31536000, immutable
content-type
text/html; charset=UTF-8
date
Wed, 02 Jun 2021 02:15:09 GMT
etag
"d5-5c2b015d70900"
expires
Thu, 02 Jun 2022 01:52:05 GMT
last-modified
Wed, 19 May 2021 15:00:20 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (mil/6C75)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
709407560 708800039
content-length
186
hls.light.min.js
cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/ Frame C5D7 		182 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/main.9c542206.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9fb48084f1a7d8d8fc8d04196f50eca02e2de8a93332b91af55bf9cce37649bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2330762
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
53601
etag
W/"2d606-yxBQBEYmlQftoUevDqxt5g6evwY"
x-served-by
cache-fra19180-FRA, cache-hhn4078-HHN
date
Wed, 02 Jun 2021 02:15:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
en
am4.syn-api.com/api/6/asset/list/client/showcase/expand/list/provider/vwibbitz/genres/Lifestyle/rows/25/media_scheme/mp4/language/ Frame 0F14 		40 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am4.syn-api.com/api/6/asset/list/client/showcase/expand/list/provider/vwibbitz/genres/Lifestyle/rows/25/media_scheme/mp4/language/en
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/main.9c542206.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.122.131.28 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
04b7a73ab1a30ebe3cee7f65505258710779ae5d3ac58494dbea3cdd8ce38589

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
server
nginx
age
294
x-timer
-0.000
vary
Origin,Accept-Encoding
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
https://portal.tds.net
cache-control
max-age=900, x-grace=3600
x-varnish
1050839815 1050059032
accept-ranges
bytes
content-type
application/json; charset=utf-8
content-length
4379
via
1.1 varnish
loader.d0be6d8.js
engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/ Frame 6A80 		560 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CCA) /
Resource Hash
57f4d34635f7e17def2246793d657afa37c616065e8e37546804bb1ed532fdcd

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161878
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
315
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CCA)
etag
"230-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260354556 259420362
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:01 GMT
npm.core-js.bdfadd6a.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.core-js.bdfadd6a.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CD3) /
Resource Hash
d23315dd9b05fa45de16411e0a89aa0102fa793a3f14089ab76354d634238520

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161868
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
35118
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CD3)
etag
"19fd1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260168427 259778766
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:09 GMT
npm.babel.runtime.384d0496.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.babel.runtime.384d0496.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC2) /
Resource Hash
9ed5cad40a12c15b161c8801b7c29a8d9a279b45c5d926071994d60301e2bd55

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
24736185
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1562
access-control-allow-origin
*
last-modified
Wed, 19 Aug 2020 18:18:55 GMT
server
ECAcc (mil/6CC2)
etag
"1106-5ad3f095a21c0"
vary
Accept-Encoding
x-varnish
336459682 334922267
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 01 Jun 2022 22:58:13 GMT
main~safeframe.d0680278.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//main~safeframe.d0680278.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C91) /
Resource Hash
cd060d75cf69e51cdec269dddff5cec5c6b3e85733d3a748e8debd5bb227ce00

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161823
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4770
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C91)
etag
"3650-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709260244 709211003
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:55 GMT
npm.entities.62b6714b.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.entities.62b6714b.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA0) /
Resource Hash
4e629876f06e9131d30fa228f18833fec649e00e775e25187c167453cf2e68f1

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161732
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
13403
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CA0)
etag
"94ca-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260012117 259781082
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:52:25 GMT
npm.events.db12d2bd.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.events.db12d2bd.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C38) /
Resource Hash
3f12679987ae742b0faeef7f9453165cac5765bed785b21e6c1e73d3e4425418

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161734
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1869
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C38)
etag
"155e-5c2b015d70900"
vary
Accept-Encoding
x-varnish
752823770 750764847
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:52:24 GMT
npm.jsonpath.ece13fb3.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.jsonpath.ece13fb3.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C63) /
Resource Hash
fc2ba5a4908fe6e3aa05ceb8322abd0ea66bec325030f9a5f20314d79783d371

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161822
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
26575
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C63)
etag
"14700-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709344426 709211009
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:54 GMT
npm.os.frame-jail.1cdacdb0.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		39 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C2A) /
Resource Hash
7b8ed82a957ce11b42b909e91f82dc310bf019fc087ac9c2e93dc978ed70ac2b

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161759
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
9209
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C2A)
etag
"9bc0-5c2b015d70900"
vary
Accept-Encoding
x-varnish
753014550 750764433
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:51:58 GMT
npm.synacor.dead-saxy.ff4b4bdc.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7B) /
Resource Hash
7361d0f700589a2c75a20699065577375cc67d1e38702cb6baef5dc8545bbe16

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161877
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
14781
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C7B)
etag
"e5c3-5c2b015d70900"
vary
Accept-Encoding
x-varnish
752631626 752499245
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:00 GMT
npm.synacor.url-match-list.d838eb65.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		2 KB
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.synacor.url-match-list.d838eb65.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C8B) /
Resource Hash
8e96e9d7df556a11efe5b1bf18d0c26b09e3e1127496b9a1e3648b201e298437

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161823
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
866
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C8B)
etag
"887-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709344457 709301003
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:54 GMT
npm.webpack.78d57302.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		518 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.webpack.78d57302.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C07) /
Resource Hash
70411b01aa4b80cce652bfe8bdcadd4d72010c503df66bd60d1466a10304cc36

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161759
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
290
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C07)
etag
"206-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709344482 708934724
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:51:58 GMT
runtime.05862902.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//runtime.05862902.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC3) /
Resource Hash
a4015a75b1f97f18d57dea009a00586285d8803f25843d941eb7de10f624f017

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161754
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1496
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CC3)
etag
"b44-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260476383 259967453
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:52:03 GMT
url_lists.3d3dc40d.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//url_lists.3d3dc40d.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C21) /
Resource Hash
eae0c4f02c7657b2146853859f2e2bd9030a618eed96b8236a9e821d9746a8e7

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161822
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
3066
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C21)
etag
"214f-5c2b015d70900"
vary
Accept-Encoding
x-varnish
752508141 752783465
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:53 GMT
safeframe.f5ef96f0.bundle.js
engage.media.syn-cdn.com/dist// Frame 6A80 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//safeframe.f5ef96f0.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5E) /
Resource Hash
072dbd86d1594850dd46ced4a93b4f94f043bbfda118dbdc32c9025bb0311c29

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161822
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7003
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C5E)
etag
"54d0-5c2b015d70900"
vary
Accept-Encoding
x-varnish
806384019 709301012
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 25 May 2022 14:38:48 GMT
uat_79073.js
ad-cdn.technoratimedia.com/00/00/00/ Frame 6A80 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/00/00/00/uat_79073.js?ad_size=300x250&pub_code=%2F1%2Fsyn.tds%2F93196&seat=autoplay&idx=1&referrer=https%3A%2F%2Fportal.tds.net%2F&callback=contango_callback
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
a54d25ecdfd5c0a0ed00dad0b58e4389e3e7d7271b595195e464b393c90a31a1

Request headers

Referer
https://engage.media.syn-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
0
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4049
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 14:47:08 GMT
server
nginx
etag
"2c17-5c2afe6a21300"
vary
Accept-Encoding
x-varnish
177187792
via
1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 02 Jun 2021 02:30:09 GMT
index.d0be6d8.html
engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/ Frame 33F4 		213 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist/main.9c542206.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C75) /
Resource Hash
37aa2c2e614dea8465538ebf32d2c9ac3c7b1f79dc72a2c64a1352a6e65f5ecd

Request headers

:method
GET
:authority
engage.media.syn-cdn.com
:scheme
https
:path
/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://portal.tds.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.tds.net/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
1161754
cache-control
public, max-age=31536000, immutable
content-type
text/html; charset=UTF-8
date
Wed, 02 Jun 2021 02:15:09 GMT
etag
"d5-5c2b015d70900"
expires
Thu, 02 Jun 2022 01:52:05 GMT
last-modified
Wed, 19 May 2021 15:00:20 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (mil/6C75)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
709407560 708800039
content-length
186
loader.d0be6d8.js
engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/ Frame 33F4 		560 B
380 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CCA) /
Resource Hash
57f4d34635f7e17def2246793d657afa37c616065e8e37546804bb1ed532fdcd

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161878
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
315
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CCA)
etag
"230-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260354556 259420362
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:01 GMT
npm.core-js.bdfadd6a.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.core-js.bdfadd6a.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CD3) /
Resource Hash
d23315dd9b05fa45de16411e0a89aa0102fa793a3f14089ab76354d634238520

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161868
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
35118
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CD3)
etag
"19fd1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260168427 259778766
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:09 GMT
npm.babel.runtime.384d0496.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.babel.runtime.384d0496.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC2) /
Resource Hash
9ed5cad40a12c15b161c8801b7c29a8d9a279b45c5d926071994d60301e2bd55

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
24736185
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1562
access-control-allow-origin
*
last-modified
Wed, 19 Aug 2020 18:18:55 GMT
server
ECAcc (mil/6CC2)
etag
"1106-5ad3f095a21c0"
vary
Accept-Encoding
x-varnish
336459682 334922267
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 01 Jun 2022 22:58:13 GMT
main~safeframe.d0680278.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//main~safeframe.d0680278.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C91) /
Resource Hash
cd060d75cf69e51cdec269dddff5cec5c6b3e85733d3a748e8debd5bb227ce00

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161823
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
4770
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C91)
etag
"3650-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709260244 709211003
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:55 GMT
npm.entities.62b6714b.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.entities.62b6714b.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA0) /
Resource Hash
4e629876f06e9131d30fa228f18833fec649e00e775e25187c167453cf2e68f1

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161732
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
13403
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CA0)
etag
"94ca-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260012117 259781082
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:52:25 GMT
npm.events.db12d2bd.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.events.db12d2bd.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C38) /
Resource Hash
3f12679987ae742b0faeef7f9453165cac5765bed785b21e6c1e73d3e4425418

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161734
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1869
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C38)
etag
"155e-5c2b015d70900"
vary
Accept-Encoding
x-varnish
752823770 750764847
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:52:24 GMT
npm.jsonpath.ece13fb3.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.jsonpath.ece13fb3.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C63) /
Resource Hash
fc2ba5a4908fe6e3aa05ceb8322abd0ea66bec325030f9a5f20314d79783d371

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161822
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
26575
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C63)
etag
"14700-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709344426 709211009
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:54 GMT
npm.os.frame-jail.1cdacdb0.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		39 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C2A) /
Resource Hash
7b8ed82a957ce11b42b909e91f82dc310bf019fc087ac9c2e93dc978ed70ac2b

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161759
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
9209
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C2A)
etag
"9bc0-5c2b015d70900"
vary
Accept-Encoding
x-varnish
753014550 750764433
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:51:58 GMT
npm.synacor.dead-saxy.ff4b4bdc.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		57 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7B) /
Resource Hash
7361d0f700589a2c75a20699065577375cc67d1e38702cb6baef5dc8545bbe16

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161877
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
14781
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C7B)
etag
"e5c3-5c2b015d70900"
vary
Accept-Encoding
x-varnish
752631626 752499245
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:00 GMT
npm.synacor.url-match-list.d838eb65.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		2 KB
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.synacor.url-match-list.d838eb65.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C8B) /
Resource Hash
8e96e9d7df556a11efe5b1bf18d0c26b09e3e1127496b9a1e3648b201e298437

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161823
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
866
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C8B)
etag
"887-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709344457 709301003
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:54 GMT
npm.webpack.78d57302.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		518 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.webpack.78d57302.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C07) /
Resource Hash
70411b01aa4b80cce652bfe8bdcadd4d72010c503df66bd60d1466a10304cc36

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161759
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
290
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C07)
etag
"206-5c2b015d70900"
vary
Accept-Encoding
x-varnish
709344482 708934724
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:51:58 GMT
runtime.05862902.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//runtime.05862902.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC3) /
Resource Hash
a4015a75b1f97f18d57dea009a00586285d8803f25843d941eb7de10f624f017

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161754
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1496
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CC3)
etag
"b44-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260476383 259967453
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:52:03 GMT
url_lists.3d3dc40d.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//url_lists.3d3dc40d.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C21) /
Resource Hash
eae0c4f02c7657b2146853859f2e2bd9030a618eed96b8236a9e821d9746a8e7

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161822
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
3066
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C21)
etag
"214f-5c2b015d70900"
vary
Accept-Encoding
x-varnish
752508141 752783465
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:53 GMT
safeframe.f5ef96f0.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//safeframe.f5ef96f0.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/js/loader.d0be6d8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5E) /
Resource Hash
072dbd86d1594850dd46ced4a93b4f94f043bbfda118dbdc32c9025bb0311c29

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161822
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7003
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C5E)
etag
"54d0-5c2b015d70900"
vary
Accept-Encoding
x-varnish
806384019 709301012
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 25 May 2022 14:38:48 GMT
npm.stream-browserify.f3f44d3a.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.stream-browserify.f3f44d3a.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CAE) /
Resource Hash
46b5efe32423049467d41586b84962af93f154b542ca4e34ea0216ea7747f186

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161726
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
7246
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6CAE)
etag
"60b1-5c2b015d70900"
vary
Accept-Encoding
x-varnish
892562159 752628969
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 22 May 2022 10:15:10 GMT
npm.string_decoder.34d1b1e2.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.string_decoder.34d1b1e2.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C35) /
Resource Hash
a16e154e8fb61d9a8cc79561fb5b26e52a933eff04cd4fc4243c9bc2cfae3395

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161734
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
1394
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C35)
etag
"1165-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260476445 259968015
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:52:22 GMT
npm.base64-js.82b3c51c.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		1 KB
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.base64-js.82b3c51c.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C90) /
Resource Hash
06c2cd271841d970111ce4bdf05baf71f829e76d9a44fdb35ced1a94e1a6fb15

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
8411854
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
781
access-control-allow-origin
*
last-modified
Wed, 24 Feb 2021 17:06:48 GMT
server
ECAcc (mil/6C90)
etag
"5c0-5bc180f733a00"
vary
Accept-Encoding
x-varnish
1041414685 1041402083
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 02:04:31 GMT
npm.buffer.c24ca057.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.buffer.c24ca057.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BA6) /
Resource Hash
6bc2b8fea24fa1c8b174c7129eb2061dd61cb439252efcf3350a418ff38721dd

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161893
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
5914
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6BA6)
etag
"4dc5-5c2b015d70900"
vary
Accept-Encoding
x-varnish
359840392 260059814
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 25 May 2022 09:42:39 GMT
npm.synacor.vpaid-loader.8b68bd9c.bundle.js
engage.media.syn-cdn.com/dist// Frame 33F4 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist//npm.synacor.vpaid-loader.8b68bd9c.bundle.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C92) /
Resource Hash
33ac5d23f6f7f0ce3ba0599df5b54284bb3a9a709dd700594be732480a5263d6

Request headers

Referer
https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
1161819
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
14058
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 15:00:20 GMT
server
ECAcc (mil/6C92)
etag
"af3c-5c2b015d70900"
vary
Accept-Encoding
x-varnish
260096714 259848443
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 02 Jun 2022 01:50:56 GMT
dc_oe=ChMIlo3_s_D38AIVnYWDBx32Cw5oEAAYACCz55RIQhMIxt66s_D38AIVxqN3Ch2Nvg18;met=1;&timestamp=1622600109474;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 267B 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlo3_s_D38AIVnYWDBx32Cw5oEAAYACCz55RIQhMIxt66s_D38AIVxqN3Ch2Nvg18;met=1;&timestamp=1622600109474;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
URL: https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1163
vid.springserve.com/rt/ Frame 33F4 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/rt/1163?w=501&h=375&cb=5752379013837758&is_inview=1&mute=1&ap=1&vid=381822082&vt=&kwds=&zid=&sid=%2F1%2Fsyn.tds%2F93196&url=https%3A%2F%2Fportal.tds.net%2F&v_url=&browser=chrome&adunit=%2F1%2Fsyn.tds%2F93196&crossdomain=0&client=syn.tds&dur=48&sizebucket=large&dfpcid=&testbucket=5&inview=1&domain=portal.tds.net&nc=0&ud=0&bt=0&avs=1&sec=1&vp=100&vw=1&rm=0&us_privacy=1NNN&schain=1.0%2C1!synacor.com%2C81311%2C1&payid=e108f11b2cdf7d5b
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.94.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2ed089c4649e0a8bc22fc45d8fca37f43741ea4efa80dc4043c2cffda83e46df

Request headers

Referer
https://engage.media.syn-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://engage.media.syn-cdn.com
date
Wed, 02 Jun 2021 02:15:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
usersync.html
ad-cdn.technoratimedia.com/html/ Frame BEB7 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C9B) /
Resource Hash
ff8efe03e36fae8294a9f7448f03cd707e09935b213ea2d445efcbcab7370790

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engage.media.syn-cdn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tads_uid=GDPR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engage.media.syn-cdn.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
533
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Wed, 02 Jun 2021 02:15:09 GMT
etag
"42b7-5c2afe6a21300"
expires
Wed, 02 Jun 2021 02:30:09 GMT
last-modified
Wed, 19 May 2021 14:47:08 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (mil/6C9B)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
177177779
content-length
5429
adserv_79073.js
adtag.technoratimedia.com/ Frame 6A80 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adtag.technoratimedia.com/adserv_79073.js?ad_size=300x250&pub_code=%2F1%2Fsyn.tds%2F93196&seat=autoplay&idx=1&referrer=https%3A%2F%2Fportal.tds.net%2F&callback=contango_callback&&disp=referrer&tmiv=1&tcb=0.9353525049639286&abv=ATF
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e76f205a6c1ee026558ccb3b21cdfcc93e58732ebc4cd522941f8608ae519d0f

Request headers

Referer
https://engage.media.syn-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
https://engage.media.syn-cdn.com/
access-control-allow-credentials
true
x-varnish
927173308
accept-ranges
bytes
content-length
1061
via
1.1 varnish
dc_oe=ChMIkYn_s_D38AIVhJN3Ch1uVw_yEAAYACCd4eFHQhMIxd66s_D38AIVxqN3Ch2Nvg18;met=1;&timestamp=1622600109561;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 66DB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkYn_s_D38AIVhJN3Ch1uVw_yEAAYACCd4eFHQhMIxd66s_D38AIVxqN3Ch2Nvg18;met=1;&timestamp=1622600109561;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
URL: https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vpaid_080396f1.js
vpaid.springserve.com/production/ Frame 5A0C 		484 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_080396f1.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a000:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f709476b182267397576b3beb459e9a8eebd1e48add27eb10892df97dd9dbd1a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 19:16:39 GMT
content-encoding
gzip
last-modified
Mon, 24 May 2021 17:26:37 GMT
server
AmazonS3
age
716310
etag
W/"368702826ce0310893c6e1cbf126c14f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
WRRL0QKxRyASrm6i4J02bgzC01hBC3L-XnK-M4LDdDiJCl8ZL2eCFQ==
psa.js
ad-cdn.technoratimedia.com/psa/ Frame 6A80 		2 KB
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/psa/psa.js
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7C) /
Resource Hash
3adaa4daf4886e87addc1d25cf0b421cd6ed149dcb621ad42011b681df46e07e

Request headers

Referer
https://engage.media.syn-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
age
169
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
706
access-control-allow-origin
*
last-modified
Wed, 19 May 2021 14:47:08 GMT
server
ECAcc (mil/6C7C)
etag
"81c-5c2afe6a21300"
vary
Accept-Encoding
x-varnish
177028902
via
1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 02 Jun 2021 02:30:09 GMT
pixel
uat-net.technoratimedia.com/ Frame 6A80 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/pixel?rid=15859011393163324&id=3&bid=TMX&mkt=2&sz=300x250
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.synacor.dead-saxy.ff4b4bdc.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engage.media.syn-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
965903025
access-control-allow-origin
https://engage.media.syn-cdn.com/
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
walmart_300x250_2.jpg
ad-cdn.technoratimedia.com/psa/creatives/ Frame 6A80 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-cdn.technoratimedia.com/psa/creatives/walmart_300x250_2.jpg
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//_ads/sf/1-1-0/html/index.d0be6d8.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA4) /
Resource Hash
9333093d62b2bdce025d4f2d10a2d3dcfb06efadc22cc4264e30915e6f2254b4

Request headers

Referer
https://engage.media.syn-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
via
1.1 varnish
last-modified
Wed, 19 May 2021 14:47:08 GMT
server
ECAcc (mil/6CA4)
age
769
etag
"ea07-5c2afe6a21300"
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
max-age=900
x-varnish
435310190
accept-ranges
bytes
content-type
image/jpeg
content-length
59911
expires
Wed, 02 Jun 2021 02:30:09 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 5A0C 		157 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fbe04120c12a6f5ac1fe942c2fd5837914e9fa5e486d12679aa8ba25e2379b19

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:09 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://engage.media.syn-cdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
154
expires
0
tag
b1m42-2hald.ads.tremorhub.com/ad/ Frame 5A0C 		55 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1m42-2hald.ads.tremorhub.com/ad/tag?adCode=b1m42-dn1uv&playerWidth=501&playerHeight=375&srcPageUrl=https%3A%2F%2Fportal.tds.net%2F&schain=1.0,1!synacor.com,81311,1,,,&fmt=json
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:633b:993:9fb0:9786 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
25432ac38f4174a08571c6643044328dac804a35905756279f3fb085e2ac0dc1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:10 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://engage.media.syn-cdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
springserve
uat-net.technoratimedia.com/openrtb/bids/ Frame 5A0C 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat-net.technoratimedia.com/openrtb/bids/springserve
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Jun 2021 02:15:09 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
891089812
access-control-allow-origin
https://engage.media.syn-cdn.com
access-control-allow-credentials
true
cygnus
as-sec.casalemedia.com/ Frame 5A0C 		46 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?fn=indexResponseaf07ac5b97&v=8.8&s=314515&r=%7B%22id%22%3A%22af07ac5b97%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fportal.tds.net%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fportal.tds.net%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A501%2C%22h%22%3A375%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A0%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22synacor.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%2281311%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221NNN%22%7D%7D%7D
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c962ea50f6c944cfc91a9e3bee1ab2945252358011a2866dd19ff5bf9d1e995c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:10 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.92], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/javascript
Content-Length
58
X-AK-CLIENT-GEO
12
Expires
Wed, 02 Jun 2021 02:15:10 GMT
springserve
uat-net.technoratimedia.com/openrtb/bids/ Frame 5A0C 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat-net.technoratimedia.com/openrtb/bids/springserve
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Jun 2021 02:15:10 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
973144333
access-control-allow-origin
https://engage.media.syn-cdn.com
access-control-allow-credentials
true
tag
fzbtq.ads.tremorhub.com/ad/ Frame 5A0C 		55 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fzbtq.ads.tremorhub.com/ad/tag?adCode=b1m42-sndsm&playerWidth=501&playerHeight=375&srcPageUrl=https%3A%2F%2Fportal.tds.net%2F&schain=1.0,1!synacor.com,81311,1,,,&fmt=json
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:9878:bccc:ffb4:c803 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
456c8c1b78e6129ec11a069e160cbfbf24724101fb34237af5618b8f2508ff87

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:10 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://engage.media.syn-cdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
prebid
ib.adnxs.com/ut/v3/ Frame 5A0C 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ed097c7bcdbc3cfeb6c75a44ae42aa133e730ca7b3535d7994d0403368fca032
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:10 GMT
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid
c22094c1-19b5-4dd4-b2b9-83cbcc590f23
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://engage.media.syn-cdn.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 5A0C 		157 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a307d036a523a32395518a20a62eda7abf945f95ae2f6649d58b0dec1761a335

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:10 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://engage.media.syn-cdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
153
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 5A0C 		158 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
477939ebb16e47ae4fdcfe02358e8f0122135a2ebbb80756943911f3ead68dc3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:10 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://engage.media.syn-cdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
154
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 5A0C 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b7386e27748b06c72146e37cf3f7268d13ed51cebdd88f10017c1ab621cebd77
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 02:15:10 GMT
X-Proxy-Origin
91.132.136.92; 91.132.136.92; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.239:80
AN-X-Request-Uuid
c5447685-3a32-40ef-89ee-00bce4eb15cb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://engage.media.syn-cdn.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i
vid-io-dub.springserve.com/vd/ Frame 5A0C 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-dub.springserve.com/vd/i?suuid=af07ac5b&ps_id=622941&batch=1
Requested by
Host: engage.media.syn-cdn.com
URL: https://engage.media.syn-cdn.com/dist//npm.os.frame-jail.1cdacdb0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.52.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://engage.media.syn-cdn.com
date
Wed, 02 Jun 2021 02:15:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
ae68dab4f2e822cd7a33ecba12832316ef2c16fb
vam-image.media.syn-cdn.com/ae/68/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vam-image.media.syn-cdn.com/ae/68/ae68dab4f2e822cd7a33ecba12832316ef2c16fb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7A) /
Resource Hash
564e7451da3e364dfc714b7c23b8ad3ef59164a35457b61e3b6a3f34aa00f2ce

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:11 GMT
last-modified
Wed, 05 May 2021 14:40:49 GMT
server
ECAcc (mil/6C7A)
age
2327453
etag
"2ea0-5c1962e48721b"
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
max-age=365000000, immutable
accept-ranges
bytes
content-type
image/jpeg
content-length
11936
9c43495e8c79469a9a0858fc6cadae5a_200k_32k_480x0.mp4.m3u8
vam-streaming.media.syn-cdn.com/0e/3f/wibbitz/ 		515 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.media.syn-cdn.com/0e/3f/wibbitz/9c43495e8c79469a9a0858fc6cadae5a_200k_32k_480x0.mp4.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C86) /
Resource Hash
91b7feadc086d50a47f3c6e3e02aae9e576fbabf6fa19ccb047d9cb059f7e3d0

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:11 GMT
last-modified
Wed, 05 May 2021 14:41:07 GMT
server
ECAcc (mil/6C86)
age
311159
x-cache
HIT
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
content-length
515
9c43495e8c79469a9a0858fc6cadae5a_200k_32k_480x0.mp4+0.ts
vam-streaming.media.syn-cdn.com/0e/3f/wibbitz/ 		419 KB
420 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.media.syn-cdn.com/0e/3f/wibbitz/9c43495e8c79469a9a0858fc6cadae5a_200k_32k_480x0.mp4+0.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C44) /
Resource Hash
ea3c3170f6458b1716eb6a5057b8124b78446775a199f45e78f6344966523ac5

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:11 GMT
last-modified
Wed, 05 May 2021 14:41:07 GMT
server
ECAcc (mil/6C44)
age
311157
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
429392
41b98464-ca88-49eb-96b7-2d33e9949ed9
https://portal.tds.net/ Frame C5D7 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://portal.tds.net/41b98464-ca88-49eb-96b7-2d33e9949ed9
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75ae82973872a4e10d12bf025fc17c12830f9f1723e32dcbbc6de6b6770a2015

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
track.gif
portal.tds.net/images/track/ 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.tds.net/images/track/track.gif?action=impression&cubecomponent=HomePage.Dcc.Card&contentarea=dcc&contenttext=Harry%20Reid%27s%20Secret%20UFO%20Meetings%20Were%20Just%20The%20Start&contentsource=Newser%20%2F%20Getty%20Images&contentid=newser-harry_reids_secret_ufo_jaunts_were_just_the_start-rnewsersyn&contenttype=article&contentsecondaryposition=2&pagescrollyposition=0&ts=1622600111322
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.222 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.tds.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.tds.net/
Connection
keep-alive
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:15:11 GMT
Via
1.1 varnish
Last-Modified
Wed, 02 Jun 2010 18:24:58 GMT
Server
nginx
Age
0
ETag
"2b-488103510f280"
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
X-Varnish
536288440
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
9c43495e8c79469a9a0858fc6cadae5a_200k_32k_480x0.mp4+12466.ts
vam-streaming.media.syn-cdn.com/0e/3f/wibbitz/ 		416 KB
416 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.media.syn-cdn.com/0e/3f/wibbitz/9c43495e8c79469a9a0858fc6cadae5a_200k_32k_480x0.mp4+12466.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C36) /
Resource Hash
6ef4a8203653f0243437308f35bfbc19cc661812f514dfa06b1d653c8aa1cf98

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:11 GMT
last-modified
Wed, 05 May 2021 14:41:07 GMT
server
ECAcc (mil/6C36)
age
311151
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
425632
autoplay-font.c4fe1a1a.woff
engage.media.syn-cdn.com/dist/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://engage.media.syn-cdn.com/dist/autoplay-font.c4fe1a1a.woff
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CBA) /
Resource Hash
c4fe1a1a66f1724b40262a880ac9d2a22dd5005e8c0e770cc781b58d0c6a0a56

Request headers

Origin
https://portal.tds.net
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:11 GMT
via
1.1 varnish
last-modified
Tue, 21 Jul 2020 21:22:42 GMT
server
ECAcc (mil/6CBA)
age
26913674
etag
"a88-5aafa3936ec80"
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-varnish
668480785 59853241
accept-ranges
bytes
content-type
application/font-woff
content-length
2696
expires
Thu, 25 Nov 2021 00:09:45 GMT
9c43495e8c79469a9a0858fc6cadae5a_200k_32k_480x0.mp4+24066.ts
vam-streaming.media.syn-cdn.com/0e/3f/wibbitz/ 		238 KB
238 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.media.syn-cdn.com/0e/3f/wibbitz/9c43495e8c79469a9a0858fc6cadae5a_200k_32k_480x0.mp4+24066.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C6A) /
Resource Hash
9271364ccc7371d1f0e4b21156d8e786d6458de3f82a9c7ea23099dbd5f3e47b

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:11 GMT
last-modified
Wed, 05 May 2021 14:41:07 GMT
server
ECAcc (mil/6C6A)
age
311148
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
243648
pixel
uat-net.technoratimedia.com/ Frame 6A80 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/pixel?rid=15859011393163324&id=9&mpos=2&apos=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engage.media.syn-cdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:11 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
906676424
access-control-allow-origin
https://engage.media.syn-cdn.com/
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
9c43495e8c79469a9a0858fc6cadae5a_200k_32k_480x0.mp4+30300.ts
vam-streaming.media.syn-cdn.com/0e/3f/wibbitz/ 		421 KB
421 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vam-streaming.media.syn-cdn.com/0e/3f/wibbitz/9c43495e8c79469a9a0858fc6cadae5a_200k_32k_480x0.mp4+30300.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4/dist/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5A) /
Resource Hash
91e29352c54f2d7cc590930880bd5273e4af4ad0165f95f6a7ad9d4f16f8f404

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:11 GMT
last-modified
Wed, 05 May 2021 14:41:07 GMT
server
ECAcc (mil/6C5A)
age
492041
x-cache
HIT
content-type
video/MP2T
access-control-allow-origin
*
accept-ranges
bytes
content-length
431084
track.gif
portal.tds.net/images/track/ 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.tds.net/images/track/track.gif?action=impression&cubecomponent=HomePage.Dcc.Card&contentarea=dcc&contentid=Gen4%20DS%20Component%20Container&contenttype=framework-entity&contentsecondaryposition=3&pagescrollyposition=0&ts=1622600116591
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.222 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.tds.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.tds.net/
Connection
keep-alive
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:15:16 GMT
Via
1.1 varnish
Last-Modified
Wed, 02 Jun 2010 18:24:58 GMT
Server
nginx
Age
0
ETag
"2b-488103510f280"
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
X-Varnish
542805794
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
/
vam-image.media.syn-cdn.com/cc/ab/ccabda06fafda7bd5cc6be289cf5d01c111cc3c7/w=732,h=411,crop=focus/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vam-image.media.syn-cdn.com/cc/ab/ccabda06fafda7bd5cc6be289cf5d01c111cc3c7/w=732,h=411,crop=focus/?app=portal&sig=2b95d8eca575c597fc56cb2f9ed3ed3b0a92f1cb14de96a5afbf47f8fd1ba277
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7B) /
Resource Hash
daf8487d7a137954094e5fa1fa491f5f9ad93b62d22c29b2a6d4eb5ff559a33d

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:16 GMT
last-modified
Tue, 01 Jun 2021 16:23:49 GMT
server
ECAcc (mil/6C7B)
age
35487
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
max-age=365000000, immutable
accept-ranges
bytes
content-type
image/jpeg
content-length
29160
visible
trc.taboola.com/synacor-tdsresidentialportal/log/3/ 		0
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/synacor-tdsresidentialportal/log/3/visible?route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
54
pragma
no-cache
date
Wed, 02 Jun 2021 02:15:17 GMT
via
1.1 varnish
server
nginx
x-timer
S1622600118.519283,VS0,VE54
x-served-by
cache-hhn11524-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://portal.tds.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
dc_oe=ChMIlo3_s_D38AIVnYWDBx32Cw5oEAAYACCz55RIQhMIxt66s_D38AIVxqN3Ch2Nvg18;met=1;&timestamp=1622600119402;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 267B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlo3_s_D38AIVnYWDBx32Cw5oEAAYACCz55RIQhMIxt66s_D38AIVxqN3Ch2Nvg18;met=1;&timestamp=1622600119402;eid1=2;ecn1=0;etm1=10;
Requested by
Host: eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
URL: https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIkYn_s_D38AIVhJN3Ch1uVw_yEAAYACCd4eFHQhMIxd66s_D38AIVxqN3Ch2Nvg18;met=1;&timestamp=1622600119560;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 66DB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkYn_s_D38AIVhJN3Ch1uVw_yEAAYACCd4eFHQhMIxd66s_D38AIVxqN3Ch2Nvg18;met=1;&timestamp=1622600119560;eid1=2;ecn1=0;etm1=10;
Requested by
Host: eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
URL: https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 02:15:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track.gif
portal.tds.net/images/track/ 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.tds.net/images/track/track.gif?action=impression&cubecomponent=HomePage.Dcc.Card&contentarea=dcc&contenttext=Poll%20Reveals%20What%20Percentage%20Of%20Republicans%20Are%20QAnon%20Believers&contentsource=Newser%20%2F%20Getty%20Images&contentid=newser-poll_23_of_republicans_are_qanon_believers-rnewsersyn&contenttype=article&contentsecondaryposition=4&pagescrollyposition=0&ts=1622600121857
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.8.70.222 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.tds.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.tds.net/
Connection
keep-alive
Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 02:15:22 GMT
Via
1.1 varnish
Last-Modified
Wed, 02 Jun 2010 18:24:58 GMT
Server
nginx
Age
0
ETag
"2b-488103510f280"
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
X-Varnish
542677827
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
/
vam-image.media.syn-cdn.com/13/af/13af13c2bbecb322e23f9ed7e0fddb4f654a4b3a/w=732,h=411,crop=focus/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vam-image.media.syn-cdn.com/13/af/13af13c2bbecb322e23f9ed7e0fddb4f654a4b3a/w=732,h=411,crop=focus/?app=portal&sig=2b95d8eca575c597fc56cb2f9ed3ed3b0a92f1cb14de96a5afbf47f8fd1ba277
Requested by
Host: portal.tds.net
URL: https://portal.tds.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5F) /
Resource Hash
f585722da82dea0ea038a7175c8e1617fbff59cfe3a79b485a10446061fe148e

Request headers

Referer
https://portal.tds.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:15:21 GMT
last-modified
Sun, 30 May 2021 13:19:51 GMT
server
ECAcc (mil/6C5F)
age
219331
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin
*
cache-control
max-age=365000000, immutable
accept-ranges
bytes
content-type
image/jpeg
content-length
29592

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| setPerformanceMark function| measurePerformance object| Sadlib_Config function| Syn object| TRC object| _taboola object| _tblConsole object| _comscore function| webpackJsonptesseract object| __SCRIPT_INJECTION_PROMISES object| tesseract function| __uspapi function| udm_ object| ns_p object| COMSCORE object| google_tag_manager object| dataLayer object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| __core-js_shared__ function| iFrameResize undefined| msg object| context function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| _newsroom object| TN8 object| SW_Config object| rubicontag object| Sadlib object| googletag function| pbjsChunk object| pbjs object| _pbjsGlobals object| grumi object| SynDetectPii object| sadlib object| ggeac object| google_js_reporting_queue object| origrubicontag object| headertag boolean| apstagLOADED object| apstag object| regeneratorRuntime object| core function| setImmediate function| clearImmediate object| ats function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| Criteo object| placementData object| _tfa object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id string| slotElement number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| criteo_pubtag object| criteo_pubtag_prebid_108 object| Criteo_prebid_108 object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_8a33295b-3680-406b-9965-f5cfdbf60c03
.pubmatic.com/ Name: PugT
Value: 1622600104
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-oJbS2lJqSuhSW-r5_Mc0hluEiFw

11 Console Messages

Source Level URL
Text
console-api log URL: https://tesseract.media.syn-cdn.com/tesseract.js(Line 1)
Message:
Tesseract path: https://tesseract.media.syn-cdn.com/
console-api error URL: https://tesseract.media.syn-cdn.com/tesseract.js(Line 1)
Message:
TypeError: Error in t.componentWillMount(): Cannot read property 'getItem' of null
console-api log URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js(Line 1)
Message:
Not using unknown targeting provider "verizon_connectID",27ms,1144ms
console-api log URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js(Line 1)
Message:
Not using unknown targeting provider "epsilon_publinkID",28ms,1145ms
console-api log URL: https://ats.rlcdn.com/ats.js(Line 1)
Message:
DEBUG - (ATS) There is no envelope in storage.
console-api log URL: https://sadlib.static-app.synacor.com/client/synacor/synacor.js(Line 1)
Message:
Error while parsing identity envelope from Liveramp. Using cookie based ID instead.,178ms,1295ms
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210531-8-RELEASE.js(Line 3)
Message:
undefined
console-api info URL: https://ats.rlcdn.com/ats.js(Line 1)
Message:
INFO - (ATS) Location of the user is NOT in country that has GDPR or CCPA regulation!
console-api log URL: https://ats.rlcdn.com/ats.js(Line 1)
Message:
DEBUG - (ATS) Config hashes:
console-api log URL: https://ats.rlcdn.com/ats.js(Line 1)
Message:
DEBUG - (ATS) All passed hashes are invalid.
console-api log URL: https://ats.rlcdn.com/ats.js(Line 1)
Message:
DEBUG - (ATS) Encrypted Emails are missing!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.avads.net
ads.avct.cloud
ads.avocet.io
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
adtag.technoratimedia.com
am4.syn-api.com
amazon-tam-match.dotomi.com
ap.lijit.com
api.cloudquote.net
appserv.garnet.synacor.com
as-sec.casalemedia.com
ats.rlcdn.com
aud.pubmatic.com
b1m42-2hald.ads.tremorhub.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c2.taboola.com
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cs.emxdgt.com
csync.loopme.me
d.adroll.com
d.agkn.com
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
e1.emxdgt.com
eb120a53f9f22aaa24f7fde8bcae9a18.safeframe.googlesyndication.com
engage.media.syn-cdn.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fzbtq.ads.tremorhub.com
geo.privacymanager.io
go.sonobi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gu.dyntrk.com
gw.geoedge.be
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
jadserve.postrelease.com
js-sec.indexww.com
loadm.exelator.com
location.syn-api.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
ml314.com
mwzeom.zeotap.com
odr.mookie1.com
p.rfihub.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
portal.tds.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
pubmatic-match.dotomi.com
reflex-engage.media.syn-cdn.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
s.c.appier.net
s.tribalfusion.com
s0.2mdn.net
sadlib.static-app.synacor.com
sb.scorecardresearch.com
scs.syn-api.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
smartwrapper.technoratimedia.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.criteo.net
static.garnet.synacor.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
tags.bluekai.com
tags.crwdcntrl.net
tds.technoratimedia.com
tesseract.media.syn-cdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uat-net.technoratimedia.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vam-image.media.syn-cdn.com
vam-streaming.media.syn-cdn.com
vid-io-dub.springserve.com
vid.springserve.com
visitor.fiftyt.com
vpaid.springserve.com
weather.syn-api.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.111.230.142
104.17.120.107
134.209.131.220
141.226.124.194
141.226.124.196
141.226.124.200
141.226.124.205
141.226.124.206
141.226.124.215
141.226.124.231
141.226.224.32
141.226.228.48
142.250.185.162
142.250.185.226
142.250.186.130
142.250.186.162
150.136.156.92
150.136.25.38
151.101.13.44
151.101.14.49
152.199.22.185
152.199.22.191
159.253.128.188
162.55.6.212
169.197.150.8
172.105.213.147
173.231.181.122
178.162.133.148
178.162.133.149
178.250.0.165
178.250.2.151
178.62.202.251
18.156.12.32
18.194.175.178
18.195.105.17
18.195.155.181
18.197.249.149
18.198.126.47
185.29.132.69
185.33.223.178
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
185.86.138.114
188.165.137.78
192.132.33.46
193.0.160.128
193.122.131.28
198.148.27.139
199.232.137.44
2.18.232.130
2.18.233.180
2.18.234.21
2.19.35.65
2.21.111.28
2001:678:cb4:bbbb::11
205.185.216.42
206.189.254.17
213.155.156.164
213.19.147.44
213.19.147.45
23.45.99.241
2600:1f18:612b:4200:9878:bccc:ffb4:c803
2600:1f18:612b:4264:633b:993:9fb0:9786
2600:9000:2156:a000:15:6f6c:b180:93a1
2600:9000:218f:6600:10:43f:4340:93a1
2600:9000:218f:f800:4:b37b:9440:93a1
2604:2dc0:100:282f::
2606:4700:10::6816:1957
2606:4700:20::ac43:4a81
2606:4700::6812:d05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:809::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9a
2a02:2638::3
2a02:fa8:8806:13::1400
2a04:4e42:1b::621
2a04:4e42:62::300
3.120.52.200
3.123.143.157
3.126.56.137
34.240.2.137
34.254.122.11
34.98.107.212
34.98.67.61
35.156.153.71
35.157.13.124
35.158.25.241
35.201.96.126
35.205.207.25
35.227.248.159
35.244.159.8
35.244.174.68
37.157.4.39
38.27.122.158
51.178.20.139
51.210.112.236
52.21.23.66
52.211.113.33
52.215.94.165
52.222.149.23
52.222.158.109
52.222.158.59
52.222.158.71
52.222.158.96
52.222.168.121
52.29.156.139
52.30.140.199
52.48.65.146
52.49.238.187
52.71.70.131
52.94.223.37
54.209.16.83
54.229.143.145
54.237.174.15
54.239.17.112
54.36.109.166
54.76.52.164
64.8.70.222
64.8.70.58
64.8.70.81
66.155.71.25
69.168.104.86
69.173.144.139
69.173.144.141
69.173.144.165
69.173.151.90
72.251.249.14
76.223.111.131
77.243.60.138
85.114.159.118
88.212.252.22
00bc27952ca428c59c06d9766803b6b634190f9df1f3f97087f83d765e36ed19
034ef92f58ef6d441066f15a2514f3dd65bab5b42ba776c1d071bd773f1fd45f
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
048f10d3ca82f7dd6f9a3e86bd87f274704211b873e87c74c932c8babdfb3dcb
04b7a73ab1a30ebe3cee7f65505258710779ae5d3ac58494dbea3cdd8ce38589
0563070d51850cf559243c2d2e25e9359a3809bbce2b521b0dd3e2707d9dbe23
05d15b90d5d0083b16e9b9917566fc391a5d2822551f3047d0abedeb4b53ec62
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c2cd271841d970111ce4bdf05baf71f829e76d9a44fdb35ced1a94e1a6fb15
072dbd86d1594850dd46ced4a93b4f94f043bbfda118dbdc32c9025bb0311c29
08d47555b0618688ebb5e37dd8aeb757b74066d88b7fb94173963bb64d309ff9
0993aec610ae05224017015b240b0f78b0716ae3b910d34da9cf598d34f4b146
09b024d182586fb9f1c8c66f795ada0c53d0454cf6f656e42f32e9bbc78875a0
09d33b8bf2b197f37094de12f70fbebf519aaa660cc5cfdec3f209c3897723cb
0a2afdbd71df7a97ceaea8601579c8a2442a6e87109bf372bd47a725ee4bd3fc
0a6bd1d86894ecb5d33100171dae4920fcdf3c947d03eeb9c721e55598c1ec5a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b52a6098cca00cbcb4ae237655a5273bfc955af093cb5a7395fb82ae6d145f3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cb81759ba7ceefb12563171e5d9d933d4b4f669a81f24e44fb5819f505e5e77
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0da8990b2deaff73fd3a28b59f8afaf9a141cfc792f6700e3d4c9dcb4195d791
0dfd3c54c42cd92ee7a8329c30edad1f1e49123cd04755de0f127fc7ada59774
0eade3746f17e9891967eae7c851822b3214419a56edf6d6498da2370da23e54
0f1e65db5113c24c77695c16dd3584568c2d5b4cfd517ff5ad9869761fd4014f
1165bead2354eab83a4d6883fc2144fca8870a4d2454b4a5aa24e7e4a9239540
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1359a662d8fe7bd465911cae9ccdff64767752c43b84e0c82d0d0046187c0f1a
13fada409c0428a216aff770cc13536aa0141fbbb391135b28a1c20634d612af
1491e275785fdf1ed8f9a74589f5ac0683c9d03767b3d3ce5e15040e109ff22b
155f892735d13a0a615c9f44794d6233c5cae035d8d539e41379d99f41fd5a32
16ecca79afaa9ff085d1e94da5633727316f4eb058e4b484423a58db6f10767b
177f00e4e4427b4ec245a2717fbbc58ed3805a003cac4a5855a59f0329f2c1e6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1874468f24e2c482ae9d25e2c03a7c45740d2546d97cf9cd69c99f91879d36f0
188ea392d7637a2dbda8795724e0057b7417720204d19de055dddd0d0e41c9cf
18da678b81b28f0173021fb9960300d0f6d27dc76e31686fcbef7c96ce1d0111
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1bb2e039031f93f8c2aa0cf3228a8441298858fdfcaf1370c8cfd8822e28eafa
1d6c771d5a031898c49a43f646165414ca6cea0d2c24bbed59a3828d8641c0fe
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1ecd62b677c9161fb94bd27207b10c8ee14483730c0d06747662042ff0ced983
2215f50cb99824ed2786a5d12df72b5dbc304b85f28cd5b873b645cccc3b7411
22b4bf26b9c79e0b28e89503a4de4f9153994acdf351d89fc46e3700b5fa7d7b
23bd05fa04ea98369b3e4108ccc093d379d314150ca3a00b113f8eda78fadfdd
25432ac38f4174a08571c6643044328dac804a35905756279f3fb085e2ac0dc1
25accb6c30b3ce1e5dbce1be7ecbd995cccf31f3bf452880c9109f99768712c3
2619b5240733bf699fb722d2ce9c25e666be0e621f8cb6e80b795d5fc1426cca
27525d13bab01446862a49b2da3aebe337534e0c23a2766e61d35aaa42bf090f
2969eb1dec4f72ad4ed31b2667d95bbbb15244bd51beee91dcf5f6524fcc757d
2bc87158139e11011129ae8bf843e030481ea97f9ce45797067bfc20880860a4
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d8f51299915ddd7c603568a0bb9f09e51131dc8ef68adab932f541bff05b24e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1138781e8e7bbfbd486a9b43ad0a5179db2fbd5a14ce5cdf65276f8346bfe9
2ed089c4649e0a8bc22fc45d8fca37f43741ea4efa80dc4043c2cffda83e46df
2f02d818aa44f7d0bf039b2c124cfd27663809de2a54983d0722c8d036da93e7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fb76e252fb3e8e4e8fb84c97049c24cf35775edf5b149f944cb338759167891
31a97591328133bb55503ae04ccaaa5a65385d77a13dce3b67d2e4bf601bc1ca
323783be9a53a31e158ec9600626a4703e99f4e183bc1acb8772cbdf5c3a1ece
330f905f92f888e61711a34653d662988589b6cc2d4355114b2d6dbb812660f6
339c6d769d8833c8d3012bd23e090f24d3419ea4d4b69855012e9c3271e38ffe
33ac5d23f6f7f0ce3ba0599df5b54284bb3a9a709dd700594be732480a5263d6
340792a7a42feffabbddc144fe4059013ff8af265ca9c3337933e0b633569367
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37aa2c2e614dea8465538ebf32d2c9ac3c7b1f79dc72a2c64a1352a6e65f5ecd
389a635cde770b8a99f2822cf2467329e5d4ca913f913664c94fabea12bed2f5
38af068371d67447b0e25966dadcc89d073279a9664ab37076922a6f261aa261
3adaa4daf4886e87addc1d25cf0b421cd6ed149dcb621ad42011b681df46e07e
3b481d1a93f3dff7a490e5ddadc9cd6f3d71fdafbe446d368f9948be01353692
3c9f23a3c3e9b5e38f4b653796b8ca2415b3a92b6df0c844fcdf84d8286aaeb1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebb2cd0dd16ca99e4ae36a42e6a5622e55da85503f9857915ff1b545a00316f
3f12679987ae742b0faeef7f9453165cac5765bed785b21e6c1e73d3e4425418
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41e3d1818f931c982205673dcef9839c8970acc2f5528abe4fc86aece04ad647
4523540f1504cd17100c4835e85b7eefd49911580f8efff0599a8f283be6b9e3
456c8c1b78e6129ec11a069e160cbfbf24724101fb34237af5618b8f2508ff87
46b5efe32423049467d41586b84962af93f154b542ca4e34ea0216ea7747f186
472577b96613a6d8107988e9561ddc3eae95b37b52ee6e693d20a23a634dfa62
473e701f9255656c8d31fdb95ec8e34faf87c7d017bb0fdc20486c43668a1de2
477939ebb16e47ae4fdcfe02358e8f0122135a2ebbb80756943911f3ead68dc3
481b14d625fb8eaef2baeaa51de213db870a780b3172e0155d22430571ae89f6
483272f53a02d29930a9435b38536cf33fabb05dae586eb0877b7c5fc16a8d44
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4aa89e05849e0a1f8d1434acb77525ca4c77d7397a714272f6f7e5c2fc2cf49d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb20c4898a27a3a52e6cb8f21cdddead8255a279e5c490e5aa82e0189581dd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e629876f06e9131d30fa228f18833fec649e00e775e25187c167453cf2e68f1
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f7509aedd345b0f9ab04f53704edd82b5440c9f84684f8d0d6fe019f637d778
4f92bd10542d5866ff293873f92c444ef6427b2ba7d6832fe6550138372dbc8d
5056009a1b1450ba53675a5f438be1bdbd585db9468d2d81f50882b2c659ed07
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52730fe4579eda022a1bf49ae0c6771de103e19c768a98e8b1b2815ffc7a212a
533f946e754c7b3e1ad43c451d2a41bbdf0c3a7159bcd069e5ac572cef73e368
53798de3b8a7a63f4c417952b02271a35a37685c5c21545aaaa7d6cda129897c
553ab608e10eb14ee6c9e0fb6a1bc2c2a72a95fd9299d05abba99e5e1b40458c
5584e3ddf5f6732a18a1ddda2f2825169918c19868c82fb00f0b9e58902b0292
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55cd050874e30e1598e9f18f7e5eca36ba29c683f5f7bbadfb66a1116e28ccf5
55e49fd040a10a34fabce82e0e875308c9bf691a95d5205fa7ba8dd073fa354f
564e7451da3e364dfc714b7c23b8ad3ef59164a35457b61e3b6a3f34aa00f2ce
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
57f4d34635f7e17def2246793d657afa37c616065e8e37546804bb1ed532fdcd
587f61f2a0e3b04a32e6905b4030f9ed0a03ac2a0218d986c1736be2a8d1bf8f
5a56a7b2e970338e17dbdd7c877c74b2d653710582d2e82f9fed212ffdf27694
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3
5c2a5060ff38cf14d3679cf92aa6804a93068a881188c009eba0bd50e8469728
5cb7228c4470c115ab1ce3e553edf24cab6338f897ac51e28e367a06cba65938
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe
5e301fff55abbb90982e67451995f9b0ed0eceda3ed7e1f022af6b0d3c8744ed
5f4f403543b0ab8398be19a68bd906e5b862f4bf3e1372798c0c84336075874f
603cd0a6444d9e91a14cc8e48f4164aff5a3cd11ca4d4c46fc7f87f74373e1dd
6110d2b61351378c20c51bdb27c214dfabb0c3220a5591cb5aa602b6f327cce9
619e5a7785957be4b09bb2859b1c7200fd15d9d7b86d2f5f7d4382947837459c
670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf
673e56844404bee5d80d06db1c6203b4e0ab713d797d229c3191abaea6c2f49f
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
68a7e53a99b0b3d5d98b3cc31bdba1faad3067e07c640d862da60a65c02ec28e
693983f446da22ec169ea1cda8e439bdb59297e211af86071e3dddaad1470a28
6a15265b1b610ef81ae1a1e45c8b69917d2fc4d3ad5a63c00ee6a466f0a6e806
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bc2b8fea24fa1c8b174c7129eb2061dd61cb439252efcf3350a418ff38721dd
6cd5b6e51936a442b973660c21553dd22bd72ddc8751132a943475288113b4c0
6ce01d86a82dfd41be627131a561762f9ca379fd891beff892918d893506477b
6ef4a8203653f0243437308f35bfbc19cc661812f514dfa06b1d653c8aa1cf98
6f79251795bee966eabc621ed72551e7884ca501284ea757d496df7c0a738722
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
70411b01aa4b80cce652bfe8bdcadd4d72010c503df66bd60d1466a10304cc36
7057dbd0c1b43c05a70dc5a953ba9d83c8ced2eb7a49daf9fe4bc29a0b9aab87
71335c1634c214fcc859f2a029ac59c9d9e355c3523e5993b04b6cb8465a454d
71ce40829b74ddf7ce148ca3233176c6aaf65d008507007b078480084e0674bb
729ec7ac109c4e93cf22a138a0d96c050902bb9565b3c271e1efd6f48e6bd562
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7361d0f700589a2c75a20699065577375cc67d1e38702cb6baef5dc8545bbe16
75ae82973872a4e10d12bf025fc17c12830f9f1723e32dcbbc6de6b6770a2015
781b37d2e918497f4d083a80653aeb92d9219ef9636d4153bfa85881da91d0f0
79311a4131400943713b3a12b9c9555ad1dd09ad3326c5267b37330cdee85c7e
79fe4e962ab0ce189b513b422f23c4fe80951a4937c0cf5ad9d10c133fa724c1
7b8ed82a957ce11b42b909e91f82dc310bf019fc087ac9c2e93dc978ed70ac2b
7bba5809de9c8728b7d8e1f5101224631eb8edf716028eb7d511de3f2374d817
7e532c6667b369f30bf9705a22be3a86eaa889e73c0e21f024b37ad0d15fcc6a
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
801e8224bdf2e16111e12739e43c37f474377f17d90957e9358d2dc400efe48c
82620a235ce91107a5c9dc947947a0b36f5646d951b072653bfd23929388a30a
82ccaa048a41d3072e5e20792d6a6814a80cfb4ed4c947a64cc90f7a8895bfc0
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847ac095d407715f2712592f4c4becc5caf0390e073c087553578142a60239d6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85ff3f678e3f69d8cbb242f02666cb4bff9b944e72b44322dad7cfae320ffa96
862ddaa83471c525dc8abe2e478c2e5cb012ad260830d1b00e626396cf403da0
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
87aa79a4a61a3faec88cb9f6d353a11b7ff2ed5198d5b896903a8f11f3158e8b
8abb7ca2bbd50b7a9d10105ac5a82a180d27d4f2e0f07445c89188cbe7a84699
8af2cf76812b1ceeda0d2bcacaabda1b90fbde2894a84ad77fe087c70b3a1b72
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e96e9d7df556a11efe5b1bf18d0c26b09e3e1127496b9a1e3648b201e298437
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9004d4ff1ed09b144291fcf6fcaa0957a370976bf762fe634100f297effc9e9f
9035e4f18b701b711861d6658d826baa97d0cc736a7300b8f41bdbdfecac536c
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc
9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc
91b7feadc086d50a47f3c6e3e02aae9e576fbabf6fa19ccb047d9cb059f7e3d0
91e29352c54f2d7cc590930880bd5273e4af4ad0165f95f6a7ad9d4f16f8f404
9271364ccc7371d1f0e4b21156d8e786d6458de3f82a9c7ea23099dbd5f3e47b
9333093d62b2bdce025d4f2d10a2d3dcfb06efadc22cc4264e30915e6f2254b4
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
988fbaf9e9e90d7457a9e72da5b336501cc8b770434968d45968aaba6111d668
99762b0fe5da9809648a083071dcf3cde2776217ee4bde215976d6ee2cb25bcc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b51f42868d9bfe9c5124da597422377759594505ce03ec2098833f54aac70e0
9b866091b86aa3f240072a9f442783b787a8fbab138f005f89ddc7eee2ccbc6f
9be504714f84fa58f25b9cad34552bc6d43bf33d35bc109780ab7bb566df9050
9c557ad7722d641a3231483ccf17eb24177be66b7033f03031217613bbf90f07
9d0b80262a33fa48a31314eed0bdbf568eb904f9df1a3a55d7036fca1d034935
9ec66905a17e189f80e12d9f1639a69d1a5ba1c016531b1a484873a63efffe50
9ed5cad40a12c15b161c8801b7c29a8d9a279b45c5d926071994d60301e2bd55
9fb48084f1a7d8d8fc8d04196f50eca02e2de8a93332b91af55bf9cce37649bf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a16e154e8fb61d9a8cc79561fb5b26e52a933eff04cd4fc4243c9bc2cfae3395
a1cebe7c4183ed52c82628edb5efcc47f0d35097c7ef991e7705cf8e352a5a9b
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a307d036a523a32395518a20a62eda7abf945f95ae2f6649d58b0dec1761a335
a320c1104fcd0e577607abe785ca389897b5c7ac2d52a35e02084f496cdafac4
a4015a75b1f97f18d57dea009a00586285d8803f25843d941eb7de10f624f017
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54d25ecdfd5c0a0ed00dad0b58e4389e3e7d7271b595195e464b393c90a31a1
a5f0006a4af357ce0d17c9ec33d7792e1e26217103ba1dea51b18e2bd2024e20
a6e99a33a6e79c03b4f01763c9b6387672be4b1889988a91ac84d37b597276c8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a953f09a1b6b6725b81956e9ad0b1eb49e3ad40004c04307ef8af6246a054116
ab237484f8603ecb3fe317be87032945d68d5899d66b9fbcb7936e5cc8618854
abddaf93a0ec51802279377c600ba00ce58b998dce34719fed724b32b6c731a2
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad780d991478fe5c06bc85754480e4ecab30ac41f85f5e3bb9df5ffd24464b2c
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b
aee2dcedf551a2364801daf1384f60ea73d0a6a3ecdb21fbe138c9971e76ae66
aef1c1660add273ece0fc5be73ddad408b9d66300d629248cee12849c0e4a7bd
af37343ab985223f61e400c174fad188a2bdcab4d74ba9b86c00db9787262e12
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0a3d7e16842857622ad431049f6bdd4f67904e15c7b245eecd8f64ae6d500a2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19ccacf309a594d5f9fa1182d9798392f68cf0e8aabb438cd23593f6028b8fc
b1def08c8ff8240bd1bff647113efc7b999d7c865e156debcdebe5f2a9aabb0a
b36f15332e87ca364fd9e9400ae13d00b85c8d7f1c284047cda7e509d920394e
b480f99884908c629bf6e54415aaceaa54115746800937f7068349a1a17b3377
b5683bbd63409ac9da7ca876364fd5e0e88b53adaa98b7c95fe2ce448a217ac5
b66e022ac9b572f2de543e9ef970061c4699e85380c87cbba2b6ceea11d0aafa
b7386e27748b06c72146e37cf3f7268d13ed51cebdd88f10017c1ab621cebd77
b73cfac616096ae6716862f8564804b4cda6c10910a21a0b41a544d9077bba76
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
b92f05aef3c172d5c32bed5cf316731f7f53961622b772bf4748838de45f4737
b98a31a2e279e9ddc8c68c0f0d35a03fd6cabb0d4fe7cce8b5ea0f3d1f7c5bf6
bc2b1f42a74fd925f6db1c1a03c1cce7f12f495bde303c636b41f0f9daed4b3b
bc5659878681c2cfd30d8d38093f1c48f76da8b9dad30d9e1341a8f0febedc98
be7759cbab7e32fdeb8c48657500073ba211724abfc2da6845064ca229dfc69d
bef35c7052149b53c867e3789bdaf7a46d56b39fd41c9cabfb8e4d8773df6c20
bf28835fc9e1080337fe625ad033146ef85252a60d17116af76826940baf1add
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c411d4429be5880fffc48f9aa287f8c255416e29bbd4ea4306059388d6a86598
c4fe1a1a66f1724b40262a880ac9d2a22dd5005e8c0e770cc781b58d0c6a0a56
c60d1063c74ade5dacbd166ae119e9d688db02715841e21ae826b9d62564ebe2
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c837b1dfaf16175200c1abbb9a3eda039b3d1543d5866ae1eaa41eeee71b4251
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
c93c763b93788481816d304d396b093bfe4ce127210216737b8bb08ebcc0121d
c962ea50f6c944cfc91a9e3bee1ab2945252358011a2866dd19ff5bf9d1e995c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caaee24e77e651e2ab22df93ca029110656a63d4cf16aeeedd468e6cb4c5f3af
cb3cdb6a0aefa2841c86d05d8cef3852c6501c0b82b686464520b026e1f003c0
cd060d75cf69e51cdec269dddff5cec5c6b3e85733d3a748e8debd5bb227ce00
ce0f5c4fbed08ad75bed4eb58f5cbf00a15af06c5f737a6e2e503b2effcc2384
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd5eaef5b773914575b9003046af2136bbd89389475ebf033d62f2bc5837603
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1074a2ffbf1a0de7e4f51d4c99f83c7cac29ad41979fdd3b7253974d451119e
d16f075a0f0d6d996c2bc7601f661c21f72f7d35c5b6b38086e26ebf1a382ed7
d23315dd9b05fa45de16411e0a89aa0102fa793a3f14089ab76354d634238520
d3b9ad1df800f8a988fa15ed8d6d450e6fdba285a7f5983eca6f69f0befe224d
d3dbbd3c786749369564e4e2f58dde7ba42042b20525bb83b2793d8ed2bea58c
d73a9ef42ce935d5eec29ddae519788aaa5512d7f6ad0480a5211b6ae458fa04
d7bfa676c07c88144d9ecdcec09a4ec7afcd0449226bf5fc5063342a16d5f8e3
d7ff38ea460ae85369bd6b231f50383eb1a78dda3d1bacaa0f04282f68dc6a8f
d89cd8c1ce585cf70d226e4e8db494c25c1a4e1d4aa2ffaa1a1202942d3f1a46
d9c35b08c486c8507c0f6be2c71020689f595d26ba516616740ca11f41207691
d9de9b41aaebf34b690c5d7b223d2c5d7b82204753e3c0a1ed05cee2521e8aa4
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
da7faf3874ff2e696623d8c6f58ab92b35747a8fef9329c0d42da0f115c06e5b
da867aeb3467f32dd64672a2d5498fd10f191275f719edd6faf24e7219b24cd7
daf8487d7a137954094e5fa1fa491f5f9ad93b62d22c29b2a6d4eb5ff559a33d
dd62addfadaacd04a6f53b473057ba75dbf2f363a21a496fb6d00ceb9ff21d94
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6396b341236ff028e5a031865c9f97e637ec99cc7fffff83fc9b9365f2b04e
dec56c92d388731e40c8dbce2f2287455170950d02cb1715806d935d48e8198d
e0df112ab3c2afb89895e654c8678a8302d0a833061f9d0bc412af6fc77ebc2c
e25e7734c8214dafb1362c615194ecf121242e403a4c76fce11a403d7e9bcb00
e37c205e491eb6ddb7cac766424efebf45f052f983117549cc204d026a01e68f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46c207bf322ace962686e5572a42e673ac75c42bb4dd6436a1523fefdd14ddb
e65526c7ca60141914047471214be236295f408ad639e8b004602934b7d18f03
e72886efa7fdcc1efb5e820355a53aea0a67bc1e2455f8996b809352f6c5e966
e76cf736f6b484fe0ee41d95139922e0766b3120fe1660d106b895fb916e2d5f
e76f205a6c1ee026558ccb3b21cdfcc93e58732ebc4cd522941f8608ae519d0f
e7e8c16a04af84b8b22bdcfabc7c6dbcbdab8800e768d8bc3a74c3451b94669a
e86af40d3e423c1a8c3c91e05c2751f832915c5e889823712ce7c10ef247920e
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab
ea191803c6a42c9e02cda7bacef925236bc56b1d240a3635a0b385d2fd5a1544
ea3c3170f6458b1716eb6a5057b8124b78446775a199f45e78f6344966523ac5
eae0c4f02c7657b2146853859f2e2bd9030a618eed96b8236a9e821d9746a8e7
ec00d34315df16e1cec421ac42a42934da807bea473dad1c07f6389a51b807df
ec3ef79da9ff564b9c6f62855c2e0c1cd7f9f3accc8203a15a90c46efa3101a8
ed097c7bcdbc3cfeb6c75a44ae42aa133e730ca7b3535d7994d0403368fca032
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef852aeb7f2795abec2dea2a79492ad843579c0ff531d68c47d6ec5ab58cd19b
ef9fe395e3dfc558c8db7c346f4980038938b40af860f2e91a392c2058e4a470
f05168a4b343b3cf064911e9731b5223b7ae069e646039875343d56bc50f50dc
f09d1406692657e3a2651e0f7f46fac3f3d3ecdb7f5061d2edbaed1600db0622
f0ea30c4668ad66beed47ad433c3c74b6015ed47857255896692a3c007ce49c5
f282abe4ca6b9f4326859008e162ea0f9ed268872de724a14f5135a2fe8ad6b8
f37dfeeefda3f99d6663c824de1584be0b34e27f999a6f9b72e4409635ce41bc
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f52e9002abc398d96cb4903116e78cbb295184cdc9749851ac7f1923e8e9c0a2
f585722da82dea0ea038a7175c8e1617fbff59cfe3a79b485a10446061fe148e
f6371f0b03cd4c7b276daad4c2ff85c5e5145348c13d24096a6661f939110da1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f709476b182267397576b3beb459e9a8eebd1e48add27eb10892df97dd9dbd1a
fa7760f893375b1e23837abe1bbd0b1c8f00468db0a763aedf41bef8049bdc55
fbe04120c12a6f5ac1fe942c2fd5837914e9fa5e486d12679aa8ba25e2379b19
fbf507e5c031170635e0e5e09e5bbb97df82a0a47b667350bafedb02320fc5cf
fc2ba5a4908fe6e3aa05ceb8322abd0ea66bec325030f9a5f20314d79783d371
fd2ab4fd8d6e1cb9dffef21dab155f61d943816c9753bdcc48e2852d1ca970f1
fe799de0f9b625ce95cc45d892632889c4602fd5b491b2f016bf5dfd401fe576
fe9ccee8726f3591ca557ccab153dcf514766f4353f35c4b4e8fa922ea2bed9c
fe9f77fdd8b2d5a727ebf5b713902b83297240acdfedfe7fd997ab3712a429c0
ff70a6229c2ed19db0e8c2407aa3577bc89b7ff31e40b7ea7c48e9d16d2b4d6b
ff8efe03e36fae8294a9f7448f03cd707e09935b213ea2d445efcbcab7370790