trib.com Open in urlscan Pro
192.104.182.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trib.com/
Effective URL:
https://trib.com/
Submission: On March 10 via manual (March 10th 2022, 2:29:38 pm UTC) from US — Scanned from DE

Summary HTTP 534 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 90 IPs in 9 countries across 77 domains to perform 534 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is trib.com. The Cisco Umbrella rank of the primary domain is 430719.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 12th 2022. Valid for: 3 months.

This is the only time trib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	192.104.182.209 192.104.182.209	10668 (LEE-ASN) (LEE-ASN)
37	104.18.131.43 104.18.131.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.64.79.84 18.64.79.84	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:f200:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	216.137.42.177 216.137.42.177	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:8e00:2:36a1:2f40:21	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:1::1 2a0b:4d07:1::1	44239 (PROINITY ...) (PROINITY PROINITY)
3 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	108.157.1.150 108.157.1.150	16509 (AMAZON-02) (AMAZON-02)
72	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:fe00:7:5031:dc0:21	16509 (AMAZON-02) (AMAZON-02)
2	108.157.4.12 108.157.4.12	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
10	161.47.17.28 161.47.17.28	19994 (RACKSPACE) (RACKSPACE)
1	2a00:1450:400... 2a00:1450:4001:813::2010	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:224a:3200:e:98bf:5f00:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	34.102.205.239 34.102.205.239	15169 (GOOGLE) (GOOGLE)
1	54.93.106.38 54.93.106.38	16509 (AMAZON-02) (AMAZON-02)
2	52.214.200.7 52.214.200.7	16509 (AMAZON-02) (AMAZON-02)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.194 151.101.1.194	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:225f:5e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2 3	54.229.233.249 54.229.233.249	16509 (AMAZON-02) (AMAZON-02)
22	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
12	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
10	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
10	145.40.89.200 145.40.89.200	54825 (PACKET) (PACKET)
1 22	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
10	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
12	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
12	3.120.57.46 3.120.57.46	16509 (AMAZON-02) (AMAZON-02)
15	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
17	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
21	104.90.181.35 104.90.181.35	16625 (AKAMAI-AS) (AKAMAI-AS)
3	5.135.142.37 5.135.142.37	16276 (OVH) (OVH)
3 6	46.137.168.92 46.137.168.92	16509 (AMAZON-02) (AMAZON-02)
6 6	54.228.204.163 54.228.204.163	16509 (AMAZON-02) (AMAZON-02)
4 4	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
8	184.30.24.185 184.30.24.185	16625 (AKAMAI-AS) (AKAMAI-AS)
16	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a02:26f0:12d... 2a02:26f0:12d:587::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	52.48.40.152 52.48.40.152	16509 (AMAZON-02) (AMAZON-02)
1 2	35.156.68.250 35.156.68.250	16509 (AMAZON-02) (AMAZON-02)
6	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:f400:8:455e:4a00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	213.254.244.24 213.254.244.24	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
8	104.108.144.24 104.108.144.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.16.186.67 2.16.186.67	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.22.32.24 2.22.32.24	16625 (AKAMAI-AS) (AKAMAI-AS)
3	35.241.31.249 35.241.31.249	15169 (GOOGLE) (GOOGLE)
3	54.163.163.51 54.163.163.51	14618 (AMAZON-AES) (AMAZON-AES)
6	184.30.24.198 184.30.24.198	() ()
4	67.202.105.23 67.202.105.23	() ()
5	184.30.24.241 184.30.24.241	() ()
5	104.17.120.107 104.17.120.107	() ()
1	198.47.127.19 198.47.127.19	() ()
5	2.21.141.232 2.21.141.232	() ()
3 4	37.157.4.29 37.157.4.29	() ()
2 2	185.29.132.241 185.29.132.241	() ()
10	185.64.189.110 185.64.189.110	() ()
2 2	213.155.156.182 213.155.156.182	() ()
6	185.64.190.80 185.64.190.80	() ()
1	178.250.2.151 178.250.2.151	() ()
1 1	85.114.159.93 85.114.159.93	() ()
2 2	151.101.66.49 151.101.66.49	() ()
1 1	23.88.75.188 23.88.75.188	() ()
1 1	34.205.3.24 34.205.3.24	() ()
2 3	52.31.243.45 52.31.243.45	() ()
4 4	142.250.185.226 142.250.185.226	() ()
1	5.161.54.172 5.161.54.172	() ()
1 2	2606:4700::68... 2606:4700::6812:c05	() ()
1	195.5.165.20 195.5.165.20	() ()
1	63.251.232.165 63.251.232.165	() ()
1	2606:4700:20:... 2606:4700:20::681a:bd1	() ()
1 1	2a04:4e42:400... 2a04:4e42:400::300	() ()
1	151.101.129.44 151.101.129.44	() ()
2	198.47.127.20 198.47.127.20	() ()
4 4	51.210.112.236 51.210.112.236	() ()
2 2	34.254.143.3 34.254.143.3	() ()
1	3.124.210.90 3.124.210.90	() ()
1	159.122.14.34 159.122.14.34	() ()
1	2a05:d018:d29... 2a05:d018:d29:3605:9290:fe02:2ee8:2378	() ()
2 2	18.156.0.31 18.156.0.31	() ()
3 3	35.211.178.172 35.211.178.172	() ()
1 1	198.24.171.51 198.24.171.51	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	() ()
1 1	34.102.253.54 34.102.253.54	() ()
1 1	66.155.71.25 66.155.71.25	() ()
1	18.202.206.42 18.202.206.42	() ()
534	90

10 192.104.182.209 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

trib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 104.18.131.43 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-84.txl50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:f200:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.137.42.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-216-137-42-177.lhr61.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8e00:2:36a1:2f40:21 (United States)

ASN16509 (AMAZON-02, US)

d81mfvml8p5ml.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:1::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.1.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-150.dus51.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

79b224d51ba85016c58acc9eb0755626.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ded9ebe03ade0babe47a3773dadea74c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:fe00:7:5031:dc0:21 (United States)

ASN16509 (AMAZON-02, US)

dn1i8v75r669j.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-12.dus51.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 161.47.17.28 (United States)

ASN19994 (RACKSPACE, US)

saambaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.saambaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

surveys-static.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:3200:e:98bf:5f00:21 (United States)

ASN16509 (AMAZON-02, US)

dkpklk99llpj0.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.205.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.205.102.34.bc.googleusercontent.com

a.leetemplates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.106.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-106-38.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.200.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-200-7.eu-west-1.compute.amazonaws.com

am.freshrelevance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225f:5e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.229.233.249 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.120.57.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

saambaa-static.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.90.181.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-181-35.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.135.142.37 (France)

ASN16276 (OVH, FR)
PTR: js05.adlooxtracking.com

j.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.137.168.92 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-168-92.eu-west-1.compute.amazonaws.com

go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.228.204.163 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-204-163.eu-west-1.compute.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.45 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.30.24.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-185.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:12d:587::4469 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

rtbcdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.40.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-40-152.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.68.250 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-68-250.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:f400:8:455e:4a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.besafe.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.24 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.108.144.24 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.67 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-67.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.22.32.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-32-24.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com

data00.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.163.163.51 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-163-51.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.30.24.198 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.202.105.23 (None, )

ASN- ()

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.24.241 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.120.107 (None, )

ASN- ()

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.141.232 (None, )

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.29 (None, ) 3 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.64.189.110 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.188 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.3.24 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.243.45 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (None, ) 4 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.161.54.172 (None, )

ASN- ()

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (None, )

ASN- ()

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.165 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (None, ) 1 redirects

ASN- ()

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (None, )

ASN- ()

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.210.112.236 (None, ) 4 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (None, ) 2 redirects

ASN- ()

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (None, )

ASN- ()

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:9290:fe02:2ee8:2378 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (None, ) 2 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.24.171.51 (None, ) 1 redirects

ASN- ()

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (None, )

ASN- ()

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (None, ) 1 redirects

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.206.42 (None, )

ASN- ()

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 79b224d51ba85016c58acc9eb0755626.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 ded9ebe03ade0babe47a3773dadea74c.safeframe.googlesyndication.com	2 MB
50	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 205 secure.adnxs.com — Cisco Umbrella Rank: 359 cdn.adnxs.com — Cisco Umbrella Rank: 1232 fra1-ib.adnxs.com — Cisco Umbrella Rank: 8051 acdn.adnxs.com — Cisco Umbrella Rank: 523	276 KB
37	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 15296	532 KB
35	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 417 ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image2.pubmatic.com image4.pubmatic.com	57 KB
22	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 709	2 KB
21	evidon.com c.evidon.com — Cisco Umbrella Rank: 976	54 KB
17	districtm.io dmx.districtm.io — Cisco Umbrella Rank: 1201 cdn.districtm.io	720 B
17	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 409 ssum-sec.casalemedia.com	6 KB
17	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	547 KB
15	doubleverify.com rtbcdn.doubleverify.com — Cisco Umbrella Rank: 2202 cdn.doubleverify.com — Cisco Umbrella Rank: 460 rtb0.doubleverify.com — Cisco Umbrella Rank: 624 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 11873 tps.doubleverify.com — Cisco Umbrella Rank: 444 tpsc-frc.doubleverify.com	131 KB
15	lijit.com ap.lijit.com — Cisco Umbrella Rank: 594	7 KB
14	33across.com ssc.33across.com — Cisco Umbrella Rank: 1316 ssc-cms.33across.com	2 KB
12	affec.tv 9 redirects go.affec.tv — Cisco Umbrella Rank: 3881 map.go.affec.tv — Cisco Umbrella Rank: 4003	7 KB
12	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 1565	2 KB
12	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1440	8 KB
12	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 181 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276 cm.g.doubleclick.net	302 KB
11	media.net contextual.media.net — Cisco Umbrella Rank: 469 warp.media.net — Cisco Umbrella Rank: 1895 lg3.media.net — Cisco Umbrella Rank: 2569 hblg.media.net — Cisco Umbrella Rank: 1367	156 KB
10	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1055	2 KB
10	saambaa.com saambaa.com — Cisco Umbrella Rank: 18988 api.saambaa.com — Cisco Umbrella Rank: 20554	206 KB
10	trib.com 1 redirects trib.com — Cisco Umbrella Rank: 430719	91 KB
6	adlooxtracking.com j.adlooxtracking.com — Cisco Umbrella Rank: 8396 data00.adlooxtracking.com — Cisco Umbrella Rank: 7160	193 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	76 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	360 KB
5	brealtime.com biddr.brealtime.com	6 KB
5	indexww.com js-sec.indexww.com	9 KB
5	cloudfront.net d81mfvml8p5ml.cloudfront.net d1eoo1tco6rr5e.cloudfront.net dn1i8v75r669j.cloudfront.net dkpklk99llpj0.cloudfront.net	23 KB
4	onaudience.com 4 redirects pixel.onaudience.com	2 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	3lift.com ib.3lift.com — Cisco Umbrella Rank: 1006 tlx.3lift.com — Cisco Umbrella Rank: 512 eb2.3lift.com — Cisco Umbrella Rank: 346	85 KB
4	adsrvr.org 3 redirects insight.adsrvr.org — Cisco Umbrella Rank: 567 match.adsrvr.org	1 KB
4	crwdcntrl.net 2 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 2150 bcp.crwdcntrl.net — Cisco Umbrella Rank: 691 sync.crwdcntrl.net	13 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	betrad.com l.betrad.com — Cisco Umbrella Rank: 1215	361 B
3	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 425 fonts.googleapis.com — Cisco Umbrella Rank: 35	29 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	40 KB
2	exelator.com 2 redirects loada.exelator.com	4 KB
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	529 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	744 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	besafe.global cdn.besafe.global — Cisco Umbrella Rank: 10746	26 KB
2	myvisualiq.net 1 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1313	1 KB
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 792 pixel.quantcount.com — Cisco Umbrella Rank: 3561	555 B
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1460	79 KB
2	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 839 pixel.quantserve.com	10 KB
2	freshrelevance.com am.freshrelevance.com — Cisco Umbrella Rank: 14748	5 KB
2	leetemplates.com a.leetemplates.com — Cisco Umbrella Rank: 31635	333 B
2	survicate.com survey.survicate.com — Cisco Umbrella Rank: 6919 surveys-static.survicate.com — Cisco Umbrella Rank: 11782	96 KB
2	gstatic.com www.gstatic.com	13 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 8124	84 KB
1	gumgum.com rtb.gumgum.com	209 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	336 B
1	playground.xyz 1 redirects ads.playground.xyz	463 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	turn.com 1 redirects ad.turn.com	518 B
1	cpmstar.com 1 redirects server.cpmstar.com	608 B
1	simpli.fi um.simpli.fi	608 B
1	eyeota.net ps.eyeota.net	344 B
1	ad4m.at ad4m.at	891 B
1	adgrx.com cm.adgrx.com	408 B
1	iprom.net core.iprom.net	277 B
1	truffle.bid matching.truffle.bid
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	619 B
1	loopme.me 1 redirects csync.loopme.me	217 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	criteo.com dis.criteo.com	362 B
1	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1404	329 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 375	339 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	56 KB
1	azureedge.net saambaa-static.azureedge.net — Cisco Umbrella Rank: 21572	19 KB
1	google.de ampcid.google.de — Cisco Umbrella Rank: 47428	456 B
1	google.com ampcid.google.com — Cisco Umbrella Rank: 1737	527 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	4 KB
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
534	77

	Domain	Requested by
72	pagead2.googlesyndication.com	securepubads.g.doubleclick.net trib.com www.googletagservices.com saambaa.com pagead2.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com
37	bloximages.chicago2.vip.townnews.com	trib.com bloximages.chicago2.vip.townnews.com
22	ib.adnxs.com	1 redirects saambaa.com
22	targeting.unrulymedia.com	saambaa.com
21	c.evidon.com	saambaa.com c.evidon.com trib.com
17	www.googletagservices.com	securepubads.g.doubleclick.net saambaa.com trib.com www.googletagservices.com ad.doubleclick.net
16	fra1-ib.adnxs.com	saambaa.com trib.com cdn.adnxs.com
15	ap.lijit.com	saambaa.com
12	dmx.districtm.io	saambaa.com
12	hb.emxdgt.com	saambaa.com
12	htlb.casalemedia.com	saambaa.com
12	apex.go.sonobi.com	saambaa.com
10	simage2.pubmatic.com	ads.pubmatic.com
10	hbopenbid.pubmatic.com	saambaa.com
10	prebid.a-mo.net	saambaa.com
10	ssc.33across.com	saambaa.com
10	trib.com	1 redirects trib.com
8	saambaa.com	trib.com saambaa.com
7	tpc.googlesyndication.com	2 redirects trib.com ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	image2.pubmatic.com	ads.pubmatic.com
6	ads.pubmatic.com	saambaa.com
6	map.go.affec.tv	6 redirects
6	go.affec.tv	3 redirects trib.com
6	www.google-analytics.com	cmp.osano.com saambaa.com trib.com
6	www.googletagmanager.com	trib.com cmp.osano.com saambaa.com
5	ssum-sec.casalemedia.com	js-sec.indexww.com
5	biddr.brealtime.com	saambaa.com
5	js-sec.indexww.com	saambaa.com
5	cdn.districtm.io	saambaa.com
5	contextual.media.net	saambaa.com contextual.media.net trib.com
4	pixel.onaudience.com	4 redirects
4	cm.g.doubleclick.net	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
4	ssc-cms.33across.com	saambaa.com
4	acdn.adnxs.com	trib.com
4	rtbc-eu3.doubleverify.com	rtbcdn.doubleverify.com
4	rtbcdn.doubleverify.com	trib.com rtbcdn.doubleverify.com
4	cdn.adnxs.com	saambaa.com
4	secure.adnxs.com	4 redirects
4	securepubads.g.doubleclick.net	cmp.osano.com securepubads.g.doubleclick.net www.googletagservices.com
3	x.bidswitch.net	3 redirects
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	l.betrad.com
3	data00.adlooxtracking.com	j.adlooxtracking.com
3	lg3.media.net	trib.com
3	j.adlooxtracking.com	saambaa.com
3	c.amazon-adsystem.com	cmp.osano.com c.amazon-adsystem.com
2	ups.analytics.yahoo.com	2 redirects
2	match.adsrvr.org	2 redirects
2	loada.exelator.com	2 redirects
2	image4.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	d5p.de17a.com	2 redirects
2	sync.mathtag.com	2 redirects
2	tpsc-frc.doubleverify.com	cdn.doubleverify.com
2	hblg.media.net	trib.com
2	cdn.besafe.global	trib.com rtbcdn.doubleverify.com
2	rtb0.doubleverify.com	rtbcdn.doubleverify.com
2	t.myvisualiq.net	1 redirects ad.doubleclick.net
2	cdn.doubleverify.com	ad.doubleclick.net trib.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	bcp.crwdcntrl.net	1 redirects cmp.osano.com
2	confiant-integrations.global.ssl.fastly.net	saambaa.com confiant-integrations.global.ssl.fastly.net
2	api.saambaa.com	saambaa.com
2	am.freshrelevance.com	cmp.osano.com dkpklk99llpj0.cloudfront.net
2	a.leetemplates.com	storage.googleapis.com
2	dkpklk99llpj0.cloudfront.net	cmp.osano.com
2	fonts.googleapis.com	cmp.osano.com saambaa.com
2	ib.3lift.com	securepubads.g.doubleclick.net ib.3lift.com
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	www.gstatic.com	trib.com
2	cmp.osano.com	trib.com cmp.osano.com
1	rtb.gumgum.com
1	pixel-sync.sitescout.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pubmatic-match.dotomi.com
1	ad.turn.com	1 redirects
1	server.cpmstar.com	1 redirects
1	pr-bh.ybp.yahoo.com
1	pixel.quantserve.com	1 redirects
1	um.simpli.fi
1	ps.eyeota.net
1	sync.crwdcntrl.net	1 redirects
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	ad4m.at	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	csync.loopme.me	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	warp.media.net	saambaa.com
1	qsearch-a.akamaihd.net	saambaa.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	beacon.krxd.net	ad.doubleclick.net
1	s0.2mdn.net	ad.doubleclick.net
1	ad.doubleclick.net	www.googletagservices.com
1	ded9ebe03ade0babe47a3773dadea74c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	saambaa-static.azureedge.net
1	pixel.quantcount.com	trib.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	trib.com
1	eb2.3lift.com	trib.com
1	tlx.3lift.com	ib.3lift.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	surveys-static.survicate.com	cmp.osano.com
1	storage.googleapis.com	cmp.osano.com
1	cdnjs.cloudflare.com	cmp.osano.com
1	dn1i8v75r669j.cloudfront.net	cmp.osano.com
1	79b224d51ba85016c58acc9eb0755626.safeframe.googlesyndication.com	cmp.osano.com
1	d1eoo1tco6rr5e.cloudfront.net	cmp.osano.com
1	survey.survicate.com	cmp.osano.com
1	d81mfvml8p5ml.cloudfront.net	cmp.osano.com
1	tags.crwdcntrl.net	trib.com
0	match.adsby.bidtheatre.com Failed
534	122

This site contains links to these domains. Also see Links.

Domain
pagead2.googlesyndication.com
subscriberservices.lee.net
autos.trib.com
www.google.com
bistroleroux.com
go.trib.com
lee.net
bloxcms.com
townnews.com

Subject Issuer	Validity	Valid
trib.com ZeroSSL ECC Domain Secure Site CA	`2022-01-12` - `2022-04-12`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-09` - `2022-04-09`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
cmp.osano.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.survicate.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-10-02`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.saambaa.com Go Daddy Secure Certificate Authority - G2	`2020-04-01` - `2022-05-31`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
a.leetemplates.com GTS CA 1D4	`2022-02-10` - `2022-05-11`	3 months	crt.sh
*.freshrelevance.com Amazon	`2021-06-16` - `2022-07-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-01-23` - `2022-04-23`	3 months	crt.sh
*.a-mo.net R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.evidon.com DigiCert SHA2 Secure Server CA	`2021-05-30` - `2022-06-08`	a year	crt.sh
*.adlooxtracking.com R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
cdn.besafe.global Amazon	`2021-06-25` - `2022-07-24`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.betrad.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
truffle.bid R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
*.iprom.net R3	`2021-12-29` - `2022-03-29`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh

This page contains 83 frames:

Primary Page: https://trib.com/
Frame ID: 83A60239164D5FDA8D4F15ECA35A6402
Requests: 101 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 3AA45B4D92717349D8D5B753231819E8
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 2C3FD593C32DF229872CD508CB034C28
Requests: 2 HTTP requests in this frame

Frame: https://79b224d51ba85016c58acc9eb0755626.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D8D4DD1F7A4F1E29AECF3A7E1DFD8047
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst4hWMLu26C9zdCHs5ubIauRdu-aOk079lMmoTLlFwN112JwOCiNHwCSJSNuWVm7qPgKJvUYn6Vp9sf2PUD9Ie1QevdHDVQ3YvGdLSduXKTP594kMsUFTRY1YqUCfTtDBnjBeu6_7GSVoi-VNmMBxOzvoX-3mU77gojr8dOwsEenHiITkVMMKiMJNCeh2L_I7bggJyIX_N-4PIM8lgByrYQiVFchDutlKjzP5xcrcpV9iqcP5ziOqOf8gMtwPoHlO5x5WlfYIvfv4iEu6_bM5I6kHpfbTYeiucL9ac05nMJwo6acDbz&sig=Cg0ArKJSzK-TPtSW5AkfEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 438EFB474D7C3FEAA4963232FCE5BBE2
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsusxvyAcdVVItrdVRRUrXbvENk7S5G3zX-IWZY9sr2o58C-trcgY5cnh6DCb175AJZNySRK4a5YpRo2C93vhuqYGx_0AGdmeJ5HYUoHLxLLYwq4aS-FxZeHSAzafpU7aZxiZz9Ke0d50FpbFfrMD5AmPmsvpIxYanX38oBbiGnjOLmH38drmCc2YhVLDguPccRzFzp12yl1rHCsGD8zWJ9iRh95luUPBMqgnoDTD4Hu97NiaOJM-pP0Cqsy1rmxtx3FCZx4wqJBm1QJZUzNvfO9_aTA4p57vdYr0cHAFwFKNcKGXv4vljuByg&sig=Cg0ArKJSzA2NX94j-LjKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E883129A81B2CC0BB222F33FD9F66124
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvjGKpTITZZFM1hCu3TxtsNRV7ke66OHFG-7Ax3Vx_MDq7-ZtM6Q-V-W5tydcI7_FlksMnJHEe67zE23y-B-ciMgQb8Xb5J4v66Sg9qirEAsNYktnMZFA11IPCO-G34zIMQoNRIGlsGoCp01QQk-APkrOAV8m8G2PRu4DTHOnogV8JtiDCvGi3RCdMPO1c9Adl7iihdbYUTOzooDQRt5JMUpfChXfEz2BSozw8BZuqYP1funRXV3VEIdO-dfRi1i-II_s412kqvGBoUNF1KtAa_Eu6ujMiCHvPm636DrkMDcuBaH4xt&sig=Cg0ArKJSzDDNKgKeqm7JEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C821E4EA7E22E9BEC9A8693DD19FE1E4
Requests: 179 HTTP requests in this frame

Frame: https://tlx.3lift.com/web/auction?inv_code=lee_mid_article_native&referrer=https%3A%2F%2Ftrib.com%2F&rev=a40d8c8&fe=0&ft=1&cb=6086612132&gdpr=true&cmp_cs=CPVpHDvPVpHDvEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA
Frame ID: A06CF5ED89BB868C548551F162F7F8A9
Requests: 1 HTTP requests in this frame

Frame: https://am.freshrelevance.com/tpc/
Frame ID: 498E72093A32F009D6CD5B279B8B2791
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: 2146E23A1F46D828336901F13DC94999
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=690535608/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22casper%20star%20tribune%3B%20casper%20wyoming%3B%20casper%20news%3B%20wyoming%20news%3B%20casper%20newspaper%3B%20wyoming%20newspaper%3B%22%7D/rt=ifr
Frame ID: FCF2F9E5B0F596431FF55DB831F8CA0E
Requests: 1 HTTP requests in this frame

Frame: https://ded9ebe03ade0babe47a3773dadea74c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3CFBD0F738167523E75EEC8CE0B274E9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvJcixHYriqu-92YVgAVL58QgMZrr79gOq7yGjlm0Rk6Nh1SNfrVB3daffVjKSFzCiM1u8yjX-NYv8t0KUS0s9lb5vP57Xp54n9QAeGvuJ5ys8IxxrjCdXx7mBwQ04bG6ZNebcPPOInHG0l-3w4dFTf1mfV777bArNfEeb-8kA6qsnHP3utb32mVU9Wqx3gTQdWX4JQ31BQIEtTj5J_GkrBOQr_FlEExlgnWh0-n23wQRSz5n-FFyY73jOxyCCV2MANfpE07B-XENvOn3a5Fl_AOAkXrkZmBW5IRFu_70ZMbxKmpJkjYvbOS-GRdhg&sig=Cg0ArKJSzOYdl2pcW2mGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C046971EE3AD5B45CEE224BE48117B46
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsurGyyzFll33-0DEIixTsD4Rk1RW7b9lpVz65EW58YapOgrQRSgluR1FDg26qpxn5_DDatcz-pBI4lhymCJCkSsmX1YbtUExSLFLwZiL30U0Kunub8lRprcQK22NGZJ3mzkkJiaMUHXL9Bi9FSW9v7lrQwuMFvGx83n5JzkBQBuAelP8x5ImKt5Z1uHXdvx74abcvYA6jw54K2rHPkTSkXDd4pd5hfC5LarUyq6hsyTkRLeRdqBFpQept8f8rvb4JPTyv4unDm5SnBRNbg8W_YAJ6xg_vhXfiPZ26H450gwT8hPqUm65EAbiYMMeiY&sig=Cg0ArKJSzNNNHzXnwP7_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DAD8A572AB9DAF13757092379CFDE558
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstbp2uroHUeSGEKHg_2_IWI6WNz4D0zBQE4uj1pO3z52LftCP8m1VZQK6UAKZ2CZTXCNx9hE2xhjKmRG7PQs3Bf_aeg9OqG1HSyXu4aBHiIqUgkXvV5Vy-dC24KFG_HcAeiL9bKJWTl22oqmlf6ggzveE8u36ZQZBwuZeGgbr6CH199XbzPHsE1wsODiVYFflaKiZp0mCsSkEVnwXKIIhtiiN-X7U-xOq9R2h7SRgN2XyjC18S3Fj4uPTZ0TjA3wQeflwRHK2YT9wA-F8K_HlG_hkun1UjBr_XcNoBAih80sbHv-3x4kHWemFd9iQ&sig=Cg0ArKJSzIYlfY6GYSZvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0E3AFB2FC30EFA6D000F403F57677BA2
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvWJY5nAPb1byXiy_gNuqQWZ_p41lqLeTDphO8NJv_PRNdNOxhmQs4ypm-RYydsDP84-XLaSzln2ghiUFgNHaiDZoHQrv59aDHIUmIz4clF4ROxd7gbja4-efrV01lX0GlY7lny9Bi6EStgHz_eOlGzsICmPAjFY6hMOJaqOKoFW2g-uBUBy_2qArW0Y8l_otnjegu79SZ6yKovx6itPmQno40llVyHgRu1zuV-j7j05kE63fSUeChJP76f4MNd_2KJCv4u_PV9fVDAdrPPvZ6MbyfWxPfmIrY9jaoAL3fPrEr9TBrcqNwT8xyuKKg&sig=Cg0ArKJSzLgt9qIyJjvrEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2F467DC18F8509FF4C2FB648C2FA1E45
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvQimAOf2PsBwU6Rt7-qN6saVXyKoRahi4Xf6Nj3vlQeElQVd5-j8RE-aZVAhg4omBaJOatXHL5RiWeyS1f3cgV0VKDBts9DdppkmpxsCoutoWgOC34eZDb3BWxQgTUhUdWjynB-Xzc_PnSS-OeU1sP6FmK--WfPoxs912TNknmLONWX4iqbSPTXZx1d9bNmfmg-GTKcWxEOgVyULcBorBIgz_Sd5kp_uBomnZRUuvTDweTWnm_N3i8ecIEemLGZZAmZdSUCxXWhLceSK4jKBl2anN85pcUYLfshmbM2TD4e9jlXqu95QE85_75Z3ucXrc&sig=Cg0ArKJSzH3P3oGpPq5HEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2B33AD32A472CF9BB1882FE78766B1C6
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstSluwDtYiP8gvCJQgataA_IY0r77N9jNHwV-7XuilQqbIDv8AlILS3OxDfTX9XshbICogGhZdQdjzKIUIHfsYlnXIhmar6lmkynagYSDEN3FhQRam4XMoqQlMzh4dMt5KmRpSoUNWAutTuEY04VUL5h0MO30kW95f_zBWrKEmR1OYuMjkHlBzgkf_iAwlvHHAOHqKTNteHzoR8PZZnzuS0FXsbUJnhod-t-BjDNj4SE8sfzi1cQ4JurZin-ZS6aeaugCGS4dQDxZwd7XbrNT-HGgq8IjnWvAjXXOhclY-RPKVwBafy7hnYBhT9Ixs&sig=Cg0ArKJSzFuUNzq4r4SnEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AF9515EA6D7CC0DA0B672F3FDB643DE4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssmAsKnSUcn5hJupchuLel4qrVFaYxmIvSRmEiMMgUk4JzY6oilvXUdh2oMF3kkIR02JEN_AjC3Z3_ceu_gdB9RRIMsKl5WhRgBz1xkCFxaDYhbbaB-wdRLB5WyLDPnCMg_9gKE49NfM7oFvO19iLgEjL-TzhN7-PO19RzU1K6BijTkwChB_sXViI71ruwE9e2jY7ipGRRxQ1sV0Dcmra_gPjFRoAhdcmZ5WqNK0XaqTV38S7tcGwmnuKMUIp2admEe3v355SFa9ojJrQP5A3uh8NFqKh4AcYlJkn_27Zjg-4STMPWTH9TMNyMp9vqHxF4&sig=Cg0ArKJSzL-PJRtR7PFTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F7A8F78283B9E865282A37A57D9CF1AC
Requests: 27 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1153793.3855423HYBRIDTHEORY/B27173762.327183629;dc_ver=85.248;sz=728x90;u_sd=1;gdpr=0;nel=1;dc_adk=533717427;ord=5ci2ke;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F5GAtF4dbxT90z9OonyHAPwAAAIDrUfw_nqGUHdbswT9d-SzPg7vHP0izegcJmAYa3fgmVKKvYHRMCypiAAAAADJyLwFRDAAA0QMAAAIAAAAw_ksU_NMaAAAAAABVU0QAVVNEANgCWgDTRQAAAAABAQUCAAAAAMIAKiYoYAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521EhpmpQjusfoXELD8r6IBGPynayAAKAAxAAAAAAAA4D86CUZSQTE6NTI5OUDnLUmDhv4JLlboP1EAAAAAAAAAAFkAAAAAAAAAAGGamZmZmZnpP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DOTc3I0ZSQTE6NTI5OQ%3D%3D%2Fbn%3D93338%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Ftrib.com%2F$0;xdt=0;crlt=QaxI6iB8Bj;cmpl=8;gcsr=m;sttr=27;prcl=s
Frame ID: 4E488CE8817DB3A98A71CCE5A7DC140F
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 97060C4C25C457B003359ADF536ACB88
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsudmyfsJ-gN5uS7lBkTFKuVtpD5ClQE19mM6uYfGSLWFOiuXG_f_rCMJFFL_b0qg6P0aifQ4Cc3hCV_VtVqPhy698__moeY0RqOWjLd4sq8MugOTje1ogpBnJhYtFMFOJk6VqEqdAzmbF-Q5T9XnVlc0bqXTC0YlvFI9eY86lkvzj_uFC7TQdKixcPUfmQsvGLRSH4gYegRoO5jsKsTHN-l1FK2ru1iRsShOtI0qahOTtF-nYGDleaIxLTQoL89m7Axj_5Ml-zycHjdqlainQfnf357F3A1IYkW1zTLGLnLsEzuVtmBl890tph-vHVpD6s&sig=Cg0ArKJSzL2PKgO4MuVaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 75DF23E33761F5E13A5A26D6E554D14C
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstMbrDCD_XVkQOGmH25USBW_4r46H7Vnfolpl29No_Fz9FlKFiJqWfzAFG-kkEHtEkSk0tDUZm7ULlTzFQI1k_nok0D8ViODJddx9djjg1k5hcRNQta69YZB2U_mJnXf0obHyZFaR-Xzb53DJu3Wly8-2c5_vX8s_tEF6VPD1g2gOHxv5bnOquKm8ETyt2Sv4E5nSKFA6NflkrsMgsbg8saGfIs_EgH9U4xjuxZmmE2lmMPDvwOlO4T3b2VgNzqltuwzr3lrFfAPf-SmKJRYB-A9zGNeP2WMpwj8Zrddz4-tI8XmA37_EF4lQi9fBc&sig=Cg0ArKJSzERHzmbTzqdKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 76C9775A81BC6DC22B4DB7C9F15CCD6F
Requests: 7 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2375.js
Frame ID: BF66B8015D4F03F6927DFED720C5DD98
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvr1l1K8C0CjC9Ii9rgnU9FVm-u46WUcM74L_PiB66M3Z-UCdFGSOEV2XjdgOLAmfUFVWD4rA93StXh6Gjs3F_FOvX7gZ-SZ1dVJg3_cTf7OuPmMLPwmaLWBUL2fX9iIBPI-SqptVr88o8yAErmQfl3-H3PZweMVhY_cmy1ndRt9A_LAIvgaatK3wNAJMdgX0qhmZjUdoVv0V8mnJiOK-ilJa5PjtzKCzEUKM2GY5YeCdxwVD_yVMpfiV2ES1hpHX59VnCsQbj6jRGTuXSOxBuOCb4-3lyMPe96gCa1mYyWbevJdp4O72FycEUIGxBLrg&sig=Cg0ArKJSzF2kpRqwahbiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2DA733F1BA813CD0A248B96AFB3AA810
Requests: 18 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1424069
Frame ID: 0FF3E6EA2348439B304BB631DA4040CD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1424069
Frame ID: 2B6DC72A44AF45CB26386E7DEFF2A1DE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1424069
Frame ID: CBD7E6848119CD6727F616DC45E43F5A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Frame ID: 2D402AB3DF7885726FC911A7984A8E6B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C4%2C246%2C10000%2C9%2C2033&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: AEF379394ED41A1A09B8DDE3126DB8CF
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C4%2C246%2C10000%2C9%2C2033&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: ABA9CDC17D8141E4AA7AC008452D18B3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1424069
Frame ID: BD98E90C6EAD1C6BDCCA8B7F260BE6BD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: 87427146A9076FF605E92EFE2E51B46D
Requests: 1 HTTP requests in this frame

Frame: https://lg3.media.net/bql.php?&&vgd_l2type=sca&v=1&gdpr=1&geo=50.98%7C11.03&dlper=20&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170785151&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_fm_lang=DE&vgd_dnquo=01_9&ksu=243&fdkt=350&vgde_kbbh=ffoNu9&kwd[]=Nintendo+2DS+gebraucht+kaufen&kwt[]=350&kbc[]=178947&kwp[]=1&kid[]=329589446&kbc2[]=178947%7C%7C%7C%7Crps%3D0.24%7C%7Cps%3D0.843%7C%7Crpc%3D0.04%7C%7Clvl%3D1.00&ktd[]=281749871591680&ktrkt[]=Nintendo+2DS+gebraucht+kaufen&kwd[]=Nintendo+Switch+kaufen&kwt[]=350&kbc[]=178947&kwp[]=2&kid[]=326673584&kbc2[]=178947%7C%7C%7C%7Crps%3D0.24%7C%7Cps%3D0.843%7C%7Crpc%3D0.20%7C%7Clvl%3D1.00&ktd[]=281749871591680&ktrkt[]=Nintendo+Switch+kaufen&kwd[]=Nintendo+DS+bestellen&kwt[]=350&kbc[]=178947&kwp[]=3&kid[]=130310222&kbc2[]=178947%7C%7C%7C%7Crps%3D0.23%7C%7Cps%3D0.843%7C%7Crpc%3D0.10%7C%7Clvl%3D1.00&ktd[]=281749871591680&ktrkt[]=Nintendo+DS+bestellen&kwd[]=Nintendo+Wii+g%C3%BCnstig+kaufen&kwt[]=350&kbc[]=178947&kwp[]=4&kid[]=329589447&kbc2[]=178947%7C%7C%7C%7Crps%3D0.80%7C%7Cps%3D0.843&ktd[]=282299627405568&ktrkt[]=Nintendo+Wii+g%C3%BCnstig+kaufen&cid=8CUL2446F&vwid=1646922573336068924&vi=1646922573336068924&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D31103&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785151&vgd_nrrv=54610&vgd_nrrmf=1c848&vgd_nrrsf=scrr&vgd_cty=erfurt&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1646922573111455351&sttm=1646922573811&upk=1646922574.23503&hvsid=00001646922573811036481820164228&verid=3111299&vgd_matchstr=bcat%3Dnull%7Ccsh%3D1&sbdrId=99&vgd_ecrid=305103290&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&kbbq=%26asn%3D31103&&vgd_vstrid=DefVid&vgde_bdata=~QJjjJLM71yM8OvuiWWFFHf~Q7OvuiWWFFHf~875EJvK00I4tPb~e8Q8G8j875v9~N875vRDKC4~LJkMNz7vu~LM8Evfuh.uuH.fuX.9~LMQNvIV~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1uv9~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHvu9~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvWX~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9f~OYYMOfAv9~OYYMOfHvX~OYYMOfXv9~OYYMOfFv999~OYYMOfhv9~OYYMOfWvu~OYYMOfivk1jQJ~OYYMOA9vu~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9~OYYMOXuv9~OYYMOXfv9~OYYMOXAv9999~OYYMOXFv9~G-MQyY7vJYE75~QyY7vJYE75~G-MLENv99u999u~G-M8z7YOv9~G-My8zQxv9~G-MLQEvv9~G-MQ8lJvhfW-i9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~OYYMjv9.9ff~OYYMLv9.iWF~JMLEYv9.fuA~OYYMYuv9.fuA~OYYMYfv9.9uA~OYYMYAvu.999~OYYMYhvu.FAX~OYYMYu9vu.999~OYYMYuuv9.iWu~OYYMYufvu.FAX~OYYMYuHvu.999~OYYMYuXvu.99H~OYYMYuFv9.iWF~OYYMYfuvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAAvu.999~OYYMYAHvu.999~OYYMYAivfh.999~OYYMYH9vfh.999~OYYMYHHvu.99H~OYYMYHhvuhFHH.999~OYYMYHWvHAHAFuh.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.fuA~eGLv9~G8Ov9.ff9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8OvuiWWFFHf~e8JB1G8j875v9.WhAufh~NGOEv9.9XA~OYYvw1LYmz5~8zQjv9~O7NvJxMGJ~LJkMNz7vu~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.ff9~QJjjJLM71yM8OvuiWWFFHf~N1LL8JLVOv9~ONx7vhX~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=200610&vgd_scsver=154&vgd_l2ch=0&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001646922573811036481820164228&subBdr=99&bdrid=9&fp=mQ_JNlFGhl1o6VM4lWqn-gVp4j0_6kgQY5CxUm-cpVR2oxdpl5QHDG2B9e9IvEaJFLX7S1-Y52mWsFyrT4IBq3AoVxRFfEhJS7ClHwCFSXU4QcruiLqpfoSeYay_6QQW8brxH3SpWeg%3D&cme=6Fbd82Rb9Qzjr41FKHPFEliOfEAD2pbKL_h-aH_ZdzkNxCYqbKvSa8IrS88n9qDW-bSHzN_ucz0IRYxKrIwreTllCDt_0MNYnkTcDZztOlGh3IIGsa8GGeoiEPJU82Zd0CoLbCOXNYTsfL1K8-1ZqMHq4uWNYz6Fosk7xkAMgugqysnXM9f6df7whLCsNX0sarJqgKYIyBuxTwwipg_pcHRy_OrnFwVN%7C%7CMhSffBRfuCOyCp4u_bjS9Q%3D%3D%7Chh7J1FBzUkmLNl36GD1mqSw6iSRse0jpFle8oALcGFLuuK8w0GlHhYLyiNGTICYRaxUtbQeKEOeB832wC3NRAljRFl4snKvPQHzdszD5BZEkmy-RyFjsXb1UvT1opYMg2gDPhFw6limqRVJagt8e-QQTXyIZjaIS7C6LEVShMUBDhJcj1qFNZwV-EFestIeQO2C3mbYtFyODcqfdYBRSNdBlS8da8bDN%7CECZQquDAdXO219s_zvdUcg%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7CgNTUc7MBYV04UVzmztpDDQ%3D%3D%7Ca0AmFUYXmD69E-EZitIgG6Kxxve82XnCFoNzurAGuww%3D%7C&rc=0&rand=1646922574167&acid=61fbddadb01047ffab92f01b25a1da2a&matm=1646922574167&requrl=https%3A%2F%2Ftrib.com&vgd_x_pos=436&vgd_y_pos=1120&vgd_ren_page_h=6192&vgd_ltime=567&vgd_ltimesrc=1&vgd_l1hcsd=N9%7C1646&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=3140&vgd_pgid=p0170301996t202203101429&vgd_csip=rtb-common-6bd948ffdb-4knwf.BE&vgd_sbSup=1&vgd_nrrs=54610&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F65889844%2Ftrib.com_728x90i_desktop_0__container__%7CDIV-div-gpt-ad-saambaa728x90x1-8&oRurl=adomain%3Dhttps%253A%252F%252Fcontent.businessinfoline.com%26adt1%3D8CU6M287B%26adt2%3D856004011%26bdrId%3D9%26cb%3Dwindow._mNDetails.initAd%26cc%3DDE%26chnm%3DHARMONY%26cid%3D8CUL2446F%26cpcd%3DXwoV-NCuQXHq_FbmS-SljQ%253D%253D%26crid%3D211362147%26gdpr%3D1%26https%3D1%26katbid%3D-103%26katpre%3D1%26lw%3D1%26matchstring%3Dbcat%253Dnull%257Ccsh%253D1%26nb%3D1%26nse%3D5%26ntv%3D0%26pid%3D8PO15FLE3%26requrl%3Dhttps%253A%252F%252Ftrib.com%26size%3D728x90%26tcf_cmp%3D1%26tpid%3DT92M8NE%26ugd%3D4%26vif%3D1&vgd_end=2
Frame ID: B0FFE681B0991D515EC42B96E89B5A1D
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 735B017151972D952CE8DF620DEDC750
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Frame ID: 2A3D522637A0D15373BB597F6A9FDD8F
Requests: 21 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 3B845120133C546A0CD00FD2892B5493
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: F82016A1E099705732E9B1596FB105CB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 10268659D36C7ACC95320AE5F16A1586
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: AC6D7E25E7B44E36D253992432EA0290
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C99FA7EE1DA870AB3D94B3BE9D22E007
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Frame ID: A6D2D0CBB512B6C783583B9B673FBBE7
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: DB1BD074BDAA8E43A95EF57D8342E5F7
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: E972DFA12F07F2B65CC64D8C6CD234BD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 87A4966FB72C244760406CC3C2DC5C3E
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 32BA3633F44AE13389D7B1EC3DBE13E5
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 00F2877F996FD663BF6F89791CECF98B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: A64B652FE1797E4094841764BD240484
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 1729C995515CF7ECF66076E201FE74B2
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 987C9CC2CF9B1FFBEE85E81AFB7B9839
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: D7E0FB84187A30FFA374CC66F68C67CE
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3582B8FAAA89DF4DC6DC347066DFE74C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: CD08D12018677AE97DF66122D9BF8327
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 59F9298FE5DF6EBE189B8E245F4CA392
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Frame ID: 9BD66D5B137F1520F58C71F50F16B359
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Frame ID: E4477D5FAE27B6429D6CB18969D372A6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Frame ID: 99E23D8D514B3DFEE5143EC5032D03C9
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: C887625D174712A19F933411D76A5489
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: F307030207F9601998BAA629C90E3ECC
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 146B410068EECAEB996911054232283D
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 825C9DB5682AAD31E243B89D307487F5
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 619F10B47078DC28F459ED1CEA495F81
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 7117527C80F2B1B8AA736B005B0C8517
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpHEkPVpHEkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7B4E46FC82F6C7907DFC2637D9A8A2FF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpHEkPVpHEkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E6FE8823616EDA85971003F9AAA0E98C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpHEkPVpHEkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F6840D4ADABB4949293E1EC5182C8310
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpHEkPVpHEkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1B8ADC731876623D98388579B268CCFC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpHEkPVpHEkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 910FFBFCF9F3076DC8AA97049D986CB8
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C
Frame ID: B707FFCC03763418E20C4E804341ED3B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7f2a622a-0b50-4400-9173-1931dddbc291&gdpr=0&gdpr_consent=
Frame ID: B6FAA91D13F5ABD9A90090FC32F1FEA4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1432198052697156572
Frame ID: AC3F8950720F2CA35DD4F2CB8473066B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2DDBF94479BC166D1158D74123B86C86
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7073478602977114252
Frame ID: F958092817F9BC42AFD364C94C54E7C5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YioLUAAMHy30TwBH&gdpr=0&gdpr_consent=&_test=YioLUAAMHy30TwBH
Frame ID: 44BFB4E8D537850B477F1D1E9DC92F95
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 098F1C11BEDF5C9A4246CBCDF4D40C9C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EmnH40HhSeNrkz84QrHm8dly14M
Frame ID: D820034A467FF312F4597CBC33B64A0D
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: C7243D03AF7CA70A5B1C9A6567B49F25
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 3EE335515858F686DB9A5140E3C5CA91
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 658B0EE65836DF24306D95E2A04F2421
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 0971CD8B4AC0915F95C51ED1E52C0F8E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 3E6C0E2138BFCB52BDFF5A758E1767CF
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 86237802A4F552C2724893FA9A1BF47D
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ab324fa9-ce80-48bc-b71f-7023878b70c7-tuct92390d0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: B4B8992BAB6C0FE4D744F4423BC4FDA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Casper Star-TribuneSchließen Sie diesen DialogSchließen Sie die Cookie-EinstellungenCollectionCollectionCollectionVideoVideoVideoVideoAudioAudioAudioAudioVideoVideoVideoVideoCollectionCollectionCollectionCollection

Page URL History Show full URLs

http://trib.com/ HTTP 301
https://trib.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

534
Requests

89 %
HTTPS

29 %
IPv6

77
Domains

122
Subdomains

90
IPs

9
Countries

5484 kB
Transfer

13932 kB
Size

24
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://pagead2.googlesyndication.com/pcs/click%253Fxai%253DAKAOjss74A2QT-L-2VNHjNPh_TWlQpBPe0OPBzxBoGcOO_KrDQ7nZ65X1pujWUSbt8d--Gxcf0RqZYZl9INJM9CT3dCounqIF1xfH36xraKYKwBYkdkOtv-6XQPdcAcSmq7OcV4tn8D53K6R5ISbUNx5vLWbPrh4-3d_JV2IU-lbwDGp9vceLyxqw8w0ztvsAsxtpliUy6wyYPx4HXrgxaDFK6l5r6eqczcYmMw94ttJSe3Bw-80N3sKra7XXrcODgW_ije7YPwLBHF2CpHF4IPtffkp3q1M9r3ZwUgjZw6OiHqg-1Bj8g%2526sig%253DCg0ArKJSzFAstj2FF5pQEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps://www.iflycasper.com/?utm_source=trib.com&utm_medium=Banner_Ads&utm_campaign=Reveal

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/paymentpagesingle.aspx?Domain=trib.com&SubscriberLevel=DOP&Return=https%3A%2F%2Ftrib.com%2F#tracking-source=header&ir=true
Title: Subscribe for $1

Search URL Search Domain Scan URL

URL: https://autos.trib.com/
Title: Cars

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/AccountStatus.aspx?Domain=trib.com
Title: My Membership

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//668%20New%20York%20149%2BLake%20George%2BNY%2B12845
Title: 668 New York 149, Lake George, NY 12845

Search URL Search Domain Scan URL

URL: http://bistroleroux.com/
Title: Website

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//1525%20E%20Pershing%20Blvd%2BCheyenne%2BWY%2B82001
Title: 1525 E Pershing Blvd, Cheyenne, WY 82001

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//831%20N%20Glenn%20Road%2BCasper%2BWY%2B82601
Title: 831 N Glenn Road, Casper, WY 82601

Search URL Search Domain Scan URL

URL: https://go.trib.com/Nurses2022

Search URL Search Domain Scan URL

URL: http://lee.net/careers/opportunities/?utm_source=newspaper&utm_medium=blox&utm_campaign=workhere
Title: Work here

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://townnews.com/
Title: TownNews.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trib.com/ HTTP 301
https://trib.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

Request Chain 88

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODA8dfAgQEQARgBMggSLKicT_kERw HTTP 301
https://tpc.googlesyndication.com/simgad/11139753753507866120

Request Chain 89

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODomeCQiwEQARgBMgg9QvG8DD5fJg HTTP 301
https://tpc.googlesyndication.com/simgad/3307988277885807439

Request Chain 146

https://bcp.crwdcntrl.net/5/c=6894/rand=690535608/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22casper%20star%20tribune%3B%20casper%20wyoming%3B%20casper%20news%3B%20wyoming%20news%3B%20casper%20newspaper%3B%20wyoming%20newspaper%3B%22%7D/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=690535608/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22casper%20star%20tribune%3B%20casper%20wyoming%3B%20casper%20news%3B%20wyoming%20news%3B%20casper%20newspaper%3B%20wyoming%20newspaper%3B%22%7D/rt=ifr

Request Chain 294

https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=1875353459393999688&tag_id=19886642&creative_id=340524592&creative_size=728x90&reserve_price=0&price_paid=0.166856&bid_price=0.18541&ecp=1.77&referer_url_enc=https%3A%2F%2Ftrib.com%2F&user_id=8385895617895266525&user_ip=217.114.215.131&age=0&gender=u&session_freq=-1&adv_id=3671971&cpg_id=15510467&cp_id=268231847&seg_ids=&adv_freq=0&site_id=5295281&publisher_id=1424069&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D622a0b4dbea1e3000177cca9%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
https://map.go.affec.tv/map/an/8385895617895266525?ch=622a0b4dbea1e3000177cca9&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
https://go.affec.tv/px

Request Chain 306

https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=7251802305044805210&tag_id=19886642&creative_id=339059941&creative_size=728x90&reserve_price=0&price_paid=0.366393&bid_price=0.46035&ecp=1.77&referer_url_enc=https%3A%2F%2Ftrib.com%2F&user_id=1845880955988091094&user_ip=217.114.215.131&age=0&gender=u&session_freq=-1&adv_id=3671963&cpg_id=15510465&cp_id=268231784&seg_ids=&adv_freq=0&site_id=5295281&publisher_id=1424069&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D622a0b4dd69a6f0001bde028%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
https://map.go.affec.tv/map/an/8385895617895266525?ch=622a0b4dd69a6f0001bde028&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
https://go.affec.tv/px

Request Chain 324

https://t.myvisualiq.net/impression_pixel?r=115454796&et=i&ago=212&ao=993&aca=27173762&si=6603073&ci=165513127&pi=327183629&ad=519525076&advt=10142764&chnl=-7&vndr=115&sz=9675&u=&viq_did=&pt=i HTTP 302
https://t.myvisualiq.net/ul_cb/impression_pixel?r=115454796&et=i&ago=212&ao=993&aca=27173762&si=6603073&ci=165513127&pi=327183629&ad=519525076&advt=10142764&chnl=-7&vndr=115&sz=9675&u=&viq_did=&pt=i

Request Chain 333

https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=9095629165348729285&tag_id=19886642&creative_id=343683026&creative_size=728x90&reserve_price=0&price_paid=0.233689&bid_price=0.28823&ecp=1.77&referer_url_enc=https%3A%2F%2Ftrib.com%2F&user_id=8385895617895266525&user_ip=217.114.215.131&age=0&gender=u&session_freq=-1&adv_id=3671971&cpg_id=17184607&cp_id=271479437&seg_ids=&adv_freq=0&site_id=5295281&publisher_id=1424069&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D622a0b4dbea1e3000177ccb1%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
https://map.go.affec.tv/map/an/8385895617895266525?ch=622a0b4dbea1e3000177ccb1&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
https://go.affec.tv/px

Request Chain 477

https://c1.adform.net/serving/cookie/match?party=14&cid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C

Request Chain 478

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7f2a622a-0b50-4400-9173-1931dddbc291&gdpr=0&gdpr_consent=

Request Chain 479

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1432198052697156572

Request Chain 481

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7073478602977114252

Request Chain 482

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YioLUAAMHy30TwBH HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YioLUAAMHy30TwBH&gdpr=0&gdpr_consent=&_test=YioLUAAMHy30TwBH

Request Chain 483

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 484

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EmnH40HhSeNrkz84QrHm8dly14M

Request Chain 485

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFYlhVN0VWQmNBQUNzbHB1eTF5QQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 487

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 491

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ab324fa9-ce80-48bc-b71f-7023878b70c7-tuct92390d0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 492

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VsLHvFcgQPax8NK615DXLA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 493

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bf21622a-0b50-4800-a752-92feda53faed

Request Chain 494

https://pixel.onaudience.com/?partner=214&mapped=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b994f2c9f4f69faa91f46c580572eda4&gdpr=1 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=527c566488b38575b1fd1c049d0aa805&gdpr=Y&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=ac484e3ff13172f4

Request Chain 495

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTZDMkM3QkMtNTcyMC00MEY2LUIxRjAtRDJCQUQ3OTBENzJD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 496

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEXCiAX8AQjK0Gr6TiWBH-Q&google_cver=1

Request Chain 498

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=418805657211533826

Request Chain 499

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5a868278-3a57-43f6-96d5-56930a34a4f3

Request Chain 500

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8385895617895266525&gdpr=0&gdpr_consent=

Request Chain 501

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nFw3IJoMMHGHVjJwzlgoeZJfMiCHXDJzz1q1Ysqt

Request Chain 503

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KE7oYg9E2uUo.opy.GAZANsQ41oSKJk-~A&gdpr=0&gdpr_consent=

Request Chain 504

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=4311eca1-ee34-4da8-b9a1-300e33bf1fc1&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dpubmatic%26user_id%3D%24UID HTTP 302
https://x.bidswitch.net/sync?dsp_id=440&ssp=pubmatic&user_id=6AHHW9eDvWNpOUiuJEip0 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4311eca1-ee34-4da8-b9a1-300e33bf1fc1&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 505

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6980344373774567574&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 508

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8385895617895266525

Request Chain 509

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

534 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
trib.com/
Redirect Chain

http://trib.com/
https://trib.com/

326 KB
45 KB

455ms
226ms

Document
text/html

192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

86fcf18ee3cc2c094450eb335d52f4da2ae15e46c16728bdd9522ba32a7f13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 10 Mar 2022 14:15:39 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 10 Mar 2022 14:15:39 GMT
x-robots-tag: noarchive
x-xrds-location: https://trib.com/tncms/xrds/
x-ua-compatible: IE=edge
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f3739bd4d04bcee9e077d20b4f31f29c.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
x-tncms: 1.61.4; app18; 0.42s; 8.3M
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: W/9ec0594837887a3c71ef311517ad175d
content-encoding: gzip
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
age: 829
cache-control: public, max-age=10
x-vcache: HIT
accept-ranges: bytes
content-length: 43658

Redirect headers

date: Thu, 10 Mar 2022 14:26:34 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
cache-control: public, max-age=300
x-robots-tag: noarchive
x-xrds-location: https://trib.com/tncms/xrds/
location: https://trib.com/
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms: 1.61.4; app2; 0.01s; 1.3M
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
vary: Accept-Encoding
age: 173
x-vcache: HIT
content-length: 1769

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 273ms
88ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3811740
cf-ray: 6e9cbe2b9d1f92b7-FRA
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: HIT
server: cloudflare
etag: W/"60e609f2-1882c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 Aug 2022 19:01:19 GMT

GET
H2 200 user.js Show response
trib.com/shared-content/art/tncms/user/ 12 KB
4 KB 121ms
118ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:28:50 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 18:11:16 GMT
age: 39
etag: W/"621e61c4-2f01"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 4332
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 224ms
41ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3811740
cf-ray: 6e9cbe2b6cdc92b7-FRA
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 05:45:08 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 276ms
93ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3811740
cf-ray: 6e9cbe2b9d2092b7-FRA
last-modified: Wed, 05 May 2021 20:06:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fad2-8154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 05:45:08 GMT

GET
H2 200 tnt.f3739bd4d04bcee9e077d20b4f31f29c.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 21 KB
6 KB 223ms
40ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f3739bd4d04bcee9e077d20b4f31f29c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78340dabd2984895b85f1a3a19cf21fed26d6d4c57038709dbcf94222f6952ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 755945
cf-ray: 6e9cbe2b6cd592b7-FRA
last-modified: Fri, 28 Jan 2022 22:01:23 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61f467b3-5572"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 01 Mar 2023 20:01:18 GMT

GET
H2 200 application.cb897187c4718280fd69d2e6d6c3909d.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 270ms
87ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3811861
cf-ray: 6e9cbe2b9d1792b7-FRA
last-modified: Wed, 05 May 2021 20:06:24 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fac0-104a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sun, 22 May 2022 03:30:11 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
968 B 268ms
86ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 55751
cf-ray: 6e9cbe2b6cd892b7-FRA
last-modified: Tue, 06 Jul 2021 13:05:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45508-9ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:05 GMT

GET
H2 200 bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 203ms
43ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47207
cf-ray: 6e9cbe2b6cc992b7-FRA
last-modified: Tue, 04 Jan 2022 21:06:09 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61d4b6c1-1ab8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 05 Jan 2023 20:01:10 GMT

GET
H2 200 layout.f76629a7c033054cfd0839cf00037ab1.css
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 152 KB
27 KB 205ms
45ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.f76629a7c033054cfd0839cf00037ab1.css

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

449b82a5c12e1cd152503114da60771bd0ca6fdea2cc9ff25fecadfd4b825edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 747333
cf-ray: 6e9cbe2b6ccd92b7-FRA
last-modified: Wed, 23 Feb 2022 14:24:20 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62164394-25f23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 01 Mar 2023 20:01:18 GMT

GET
H2 200 lee.ds.css
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 93 KB
16 KB 198ms
38ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1646812991

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98ca1b58f51144561a8b520521a36e0f8cce7f966e19f8765b249e0edf1dc2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 104592
cf-ray: 6e9cbe2b6cce92b7-FRA
last-modified: Wed, 09 Mar 2022 08:03:11 GMT
x-vcache: HIT
server: cloudflare
etag: W/"62285f3f-172b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 09 Mar 2023 08:08:42 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 198ms
37ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3811740
cf-ray: 6e9cbe2b6ccf92b7-FRA
last-modified: Wed, 05 May 2021 20:07:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fb00-189c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 24 May 2022 10:38:18 GMT

GET
H2 200 owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 245ms
85ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47207
cf-ray: 6e9cbe2b6cd292b7-FRA
last-modified: Fri, 16 Apr 2021 14:04:27 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6079996b-12b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 11:58:11 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/6894/ 38 KB
11 KB 91ms
30ms Script
application/json 18.64.79.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-84.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 03:25:12 GMT
content-encoding: gzip
etag: W/"8cd042d9f203fe2e01747c7444f95498"
last-modified: Wed, 23 Feb 2022 22:37:16 GMT
server: AmazonS3
age: 39858
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 7fc97e30af7472a64e5a6feef4dbebba.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: 5lnRkNmMULcX8P5jKC7q-ljOnRUTIgLXRr2cC5jPFYs347NmUyyh-g==

GET
H2 200 access.js Show response
trib.com/shared-content/art/tncms/api/ 86 KB
34 KB 116ms
115ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/shared-content/art/tncms/api/access.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer: https://trib.com/
Origin: https://trib.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:28:20 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 00:49:40 GMT
age: 68
etag: W/"621827a4-15686"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 34923
service-worker-allowed: /

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 350 KB
83 KB 108ms
25ms Script
application/javascript 2600:9000:206f:f200:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:f200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

65f626af7c6ceb0be4d01854190ce8ef617d4f3e5d7b8054975ec622884b61da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
x-content-type-options: nosniff
age: 60161
x-cache: Hit from cloudfront
content-length: 83915
x-xss-protection: mode=block
last-modified: Tue, 01 Mar 2022 22:03:56 GMT
server: CloudFront
date: Wed, 09 Mar 2022 21:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
etag: "bea0ec294d839b005d248c5f2635ada6"
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: gzrV1Dle29ytuHCp7QYoQK836WGAzg3NuF61ObglN862W8Ao2Mt8Mw==

GET
H2 200 trib.com.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 7 KB
2 KB 307ms
147ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/trib.com.js?_dc=03107

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9d885ecc8b3105513e98d4c38306184a15613f3e60984651c8b0cccea1b2f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 6e9cbe2b9d1b92b7-FRA
last-modified: Thu, 10 Mar 2022 06:00:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62299401-1cae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 10 Mar 2023 14:00:02 GMT

GET
H2 200 video.continue.a2b66a5f72b8916750786031ff004f58.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 3 KB
1 KB 29ms
26ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/video.continue.a2b66a5f72b8916750786031ff004f58.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd72af68e3fe455ae746ed0416917e83028cd0007e10c96d50f2d7d4bde33130

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1729690
cf-ray: 6e9cbe2cdfdc92b7-FRA
last-modified: Wed, 08 Dec 2021 21:26:20 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61b122fc-dbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 15 Feb 2023 20:02:27 GMT

GET
H2 200 owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 40 KB
11 KB 30ms
27ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1911509
cf-ray: 6e9cbe2cdfde92b7-FRA
last-modified: Fri, 11 Feb 2022 01:23:54 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6205baaa-9ff8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 15 Feb 2023 20:01:19 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 42ms
40ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3811858
cf-ray: 6e9cbe2cdfe192b7-FRA
last-modified: Tue, 06 Jul 2021 13:05:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45507-db8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:26 GMT

GET
H2 200 tnt.notify.panel.d7dc4795339f38cc067ead9f2f5ef1fb.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 6 KB
2 KB 29ms
28ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.d7dc4795339f38cc067ead9f2f5ef1fb.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff30298cb08600b21e18d99439aab14c6616c4436c5183aeeb1b47f68994448

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3811739
cf-ray: 6e9cbe2cdfe392b7-FRA
last-modified: Tue, 06 Jul 2021 13:05:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45508-19d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:26 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 106ms
19ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Mar 2023 13:03:36 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 107ms
20ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 09:36:13 GMT

GET
H2 200 messaging.js Show response
trib.com/shared-content/art/tncms/api/ 4 KB
1 KB 116ms
115ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:13 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 18:11:16 GMT
age: 15
etag: W/"621e61c4-11aa"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1259
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
276 B 245ms
86ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 621952
cf-ray: 6e9cbe2b9d1c92b7-FRA
last-modified: Wed, 05 May 2021 20:07:21 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092faf9-c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 24 May 2022 10:38:32 GMT

GET
H2 200 tracking.js Show response
trib.com/shared-content/art/tncms/ 3 KB
1 KB 128ms
127ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/shared-content/art/tncms/tracking.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:28:00 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 18:11:16 GMT
age: 89
etag: W/"621e61c4-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 lee.common.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 9 KB
3 KB 245ms
87ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1646812991

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3ccd91915655443f0694161cc9ca923a929c56b58fac5796e93f9a1a0daafb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 103742
cf-ray: 6e9cbe2b9d1d92b7-FRA
last-modified: Wed, 09 Mar 2022 08:03:11 GMT
x-vcache: HIT
server: cloudflare
etag: W/"62285f3f-233f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 09 Mar 2023 08:08:42 GMT

GET
H2 200 fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 253 KB
91 KB 34ms
33ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3811857
cf-ray: 6e9cbe2cdfe492b7-FRA
last-modified: Wed, 25 Aug 2021 16:36:45 GMT
x-vcache: HIT
server: cloudflare
etag: W/"6126719d-3f553"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 Aug 2022 19:01:19 GMT

GET
H2 200 tracker.js Show response
trib.com/shared-content/art/stats/common/ 9 KB
3 KB 128ms
128ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/shared-content/art/stats/common/tracker.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:28:00 GMT
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 16:46:36 GMT
age: 89
etag: W/"60e72bec-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 403f0a3e-3038-11ec-9219-fbdc15c56230.png
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/custom/image/ 8 KB
9 KB 27ms
26ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/custom/image/403f0a3e-3038-11ec-9219-fbdc15c56230.png

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a40f5e0d27b8ea46bf201abaf0142672f50aeb7ea6a15fa92487781831da3b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
vary: Accept
cf-cache-status: HIT
age: 1780752
cf-polished: origFmt=png, origSize=16097
last-modified: Mon, 18 Oct 2021 17:24:29 GMT
content-disposition: inline; filename="403f0a3e-3038-11ec-9219-fbdc15c56230.webp"
content-length: 8662
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "616dadcd-3ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 17 Feb 2023 10:06:45 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e9cbe2cdfe792b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 25ms
24ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
vary: Accept
cf-cache-status: HIT
age: 59993
cf-polished: origFmt=png, origSize=3610
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
content-disposition: inline; filename="user_no_avatar.webp"
content-length: 978
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "551dba72-e1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 06 Mar 2023 07:31:16 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e9cbe2cdfe892b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 dfp.floor.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/ 177 B
224 B 24ms
24ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/dfp.floor.js?_dc=03107

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f55bd6bea1ac25e303f65c4dae0c1d9537696bb536691f55fa4cc5903177e989

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8760
cf-ray: 6e9cbe2cbfb992b7-FRA
last-modified: Tue, 08 Mar 2022 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6226f0e5-b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 10 Mar 2023 07:12:42 GMT

GET
H2 200 dfp.lazy.init.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 13 KB
3 KB 27ms
25ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.init.js?_dc=1645171393

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f7df787a969e1c859c9414732d303e2e5d8e72f8e2d87a15a4b2d6e467b871

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1750852
cf-ray: 6e9cbe2cdfda92b7-FRA
last-modified: Fri, 18 Feb 2022 08:03:13 GMT
x-vcache: MISS
server: cloudflare
etag: W/"620f52c1-320e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 18 Feb 2023 08:08:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
61 KB 115ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d086db421e78f95dbb5515b71e5fda3ab18b62f8f61e4cd9f21c6481e9a3bd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61472
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Mar 2022 14:29:29 GMT

GET
BLOB 200
OK 60fd8960-95bd-4e76-9513-5a6b48879ac2
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/60fd8960-95bd-4e76-9513-5a6b48879ac2
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 tracker.gif
trib.com/shared-content/art/stats/common/ 0
145 B 113ms
113ms Image
image/gif 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trib.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=164692256972416001200684823732529&tnms_dt=Casper%20Star-Tribune&tnms_upage=1&tnms_do=trib.com&tnms_uri=/&tnms_ref=&rt=1646922569727
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
age: 0
etag: "48f79fed-0"
x-vcache: MISS
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 90ms
49ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

84c1a0f3ca1f060f62efcc0221b006b5e59bc1d715305dc65e735335765d3035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27749
x-xss-protection: 0
server: sffe
etag: "1154 / 663 of 1000 / last-modified: 1646914169"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Mar 2022 14:29:29 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 120ms
42ms Script
application/javascript 216.137.42.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.137.42.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-216-137-42-177.lhr61.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: .7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 428
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0EX4MP8WJQJS39NDN8PS
date: Thu, 10 Mar 2022 14:22:22 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ca8dbf5658b41cf179a2ae3717fdfcca.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: LHR61-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: pIxq80gbRUSUrsOzHSj2boXwNyh-mmRIKj7kP3Pa9rIhO_G7IIHr4w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 470 KB
109 KB 128ms
108ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6754b15fdca72643da8ab222d98642232529be634a575bafae154f69b7605663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111511
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Mar 2022 14:29:29 GMT

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 serif-ds.woff2
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 26 KB
26 KB 68ms
29ms Font
application/font-woff2 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/serif-ds.woff2

Requested by

Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1646812991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1646812991
Origin: https://trib.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 862047
last-modified: Wed, 27 Oct 2021 07:03:09 GMT
content-length: 26164
x-robots-tag: noarchive
x-vcache: HIT
server: cloudflare
etag: "6178f9ad-6634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e9cbe2dc83e9b7d-FRA
expires: Thu, 27 Oct 2022 15:00:37 GMT

GET
H2 200 62290870bf03b.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/3/60/360d1d80-7b21-51b1-ac1b-9c5f2d60ac8c/ 57 KB
57 KB 26ms
24ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/3/60/360d1d80-7b21-51b1-ac1b-9c5f2d60ac8c/62290870bf03b.image.jpg?crop=1763%2C992%2C0%2C91&resize=750%2C422&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

590126ccd2aef65920d3d31ea44ae95c495cb2c1b98eed645ac67b708b9c2328

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 37447
cf-polished: origSize=58368, status=webp_bigger
last-modified: Wed, 09 Mar 2022 20:05:05 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "d4a0c6029d5e10ce0fd9713237a5a85e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 20:05:55 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9cbe2f2e0592b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6017397e3624e.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/2/98/29813623-3b52-5824-87f9-ea384d8938b1/ 11 KB
12 KB 32ms
30ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/2/98/29813623-3b52-5824-87f9-ea384d8938b1/6017397e3624e.image.jpg?crop=1798%2C1011%2C0%2C70&resize=300%2C169&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dcc0031075366e0a3d31749b6409b52acc1acf3b6400578d7539c9ff967c497

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 37447
cf-polished: origSize=11828, status=webp_bigger
last-modified: Sun, 31 Jan 2021 23:13:02 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "93d1013e0d289e7ab85ade224e029262"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 10 Mar 2023 00:31:04 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9cbe2f2e0792b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 61e1c180de0ca.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/d/da/ddafb1e3-fcf6-506b-8b26-5b92b4ec53ac/ 12 KB
13 KB 30ms
29ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/d/da/ddafb1e3-fcf6-506b-8b26-5b92b4ec53ac/61e1c180de0ca.image.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0a28a87b0b94e1164b84e70692b630fb1e941e1171f64b1f9daa0a84d11a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 37447
cf-polished: origSize=12858, status=webp_bigger
last-modified: Fri, 14 Jan 2022 18:31:29 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "d0ccb811c7ad50622f6458d592224715"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 10 Mar 2023 00:26:45 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9cbe2f2e0892b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 621eae97e3cac.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/7/17/7175cd6f-f360-5f98-8432-650d1c051917/ 11 KB
12 KB 36ms
34ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/7/17/7175cd6f-f360-5f98-8432-650d1c051917/621eae97e3cac.image.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef46e87c2064eddde2ec2d1c1c463ad831cd54f2fd1f440d6f7fb5428538ddd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 37447
cf-polished: origSize=11957, status=webp_bigger
last-modified: Tue, 01 Mar 2022 23:39:04 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "4c9502c61a3d01f12571132ea50e492f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 06 Mar 2023 00:40:27 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9cbe2f2e0992b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 622905346ce71.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/d/de/dde25318-12dc-5eaa-aaf9-d9a065942dd4/ 13 KB
13 KB 32ms
31ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/d/de/dde25318-12dc-5eaa-aaf9-d9a065942dd4/622905346ce71.image.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed164f1d5d34a2dc860128e1ca51debfbe834ce74845f75137edd3a7cfb79ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 37447
cf-polished: degrade=85, origSize=15598, status=webp_bigger
last-modified: Wed, 09 Mar 2022 19:51:16 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "c9d45b46b3d521a9f19e98987bcae877"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 20:57:36 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9cbe2f2e0b92b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6228e2ee8dc9e.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/5/b6/5b6af313-00db-5d59-aee7-14f09286aab1/ 3 KB
3 KB 38ms
36ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/5/b6/5b6af313-00db-5d59-aee7-14f09286aab1/6228e2ee8dc9e.image.jpg?resize=300%2C169

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2387af7359cfa4f8acf87287f35cd9763a4807ed0ea637c7c1cfda9a14dae54

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept
cf-cache-status: HIT
age: 37447
cf-polished: qual=85, origFmt=jpeg, origSize=3986
last-modified: Wed, 09 Mar 2022 17:25:02 GMT
content-disposition: inline; filename="6228e2ee8dc9e.webp"
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "7b0da577a5e36238109ff4b000d18967"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 22:11:11 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9cbe2f2e0c92b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6228d89e2ac82.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/8/8b/88b34b0e-d57b-5537-9cdf-6e65fdd9d5ae/ 12 KB
13 KB 36ms
35ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/8/8b/88b34b0e-d57b-5537-9cdf-6e65fdd9d5ae/6228d89e2ac82.image.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35a71c41c763978beb32e4cf69e3b7fdc567ae69fe352fae1c47520309386051

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 47206
cf-polished: degrade=85, origSize=14950, status=webp_bigger
last-modified: Wed, 09 Mar 2022 16:41:02 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "b19dc46e64ff405acb1a43d7d96078cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 16:48:14 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9cbe2f2e0e92b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 62280cb7034ee.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/f/84/f84fb03c-5d0c-5762-ba25-e76b3080992a/ 20 KB
20 KB 33ms
32ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/f/84/f84fb03c-5d0c-5762-ba25-e76b3080992a/62280cb7034ee.image.jpg?crop=1763%2C992%2C0%2C91&resize=400%2C225&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c08a49b2a2c62d0c646cc86104f430c7db291d2c716f74f050819a565212f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
cf-cache-status: HIT
age: 37446
cf-polished: degrade=85, origSize=22656, status=webp_bigger
last-modified: Wed, 09 Mar 2022 02:11:03 GMT
strict-transport-security: max-age=604800
content-length: 20716
x-robots-tag: noarchive
x-vcache: HIT
server: cloudflare
etag: "39b60d6991f74c8228ac908fc7666316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 02:33:20 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e9cbe2f2e1092b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 622929f4778a3.preview.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/6/55/655cf4bc-531b-53fa-8305-11fb1056030d/ 13 KB
13 KB 39ms
38ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/6/55/655cf4bc-531b-53fa-8305-11fb1056030d/622929f4778a3.preview.jpg?crop=1918%2C1079%2C0%2C0&resize=400%2C225&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c23a080940234d03b10c1a20bf0987deeb2023407e167c29054e808eb355e8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept
cf-cache-status: HIT
age: 37445
cf-polished: qual=85, origFmt=jpeg, origSize=14605
last-modified: Wed, 09 Mar 2022 22:28:05 GMT
content-disposition: inline; filename="622929f4778a3.webp"
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "ec9b1229c35cff8b4c477c1cdc71fd85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 22:30:35 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9cbe2f2e1192b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 621eae97e3cac.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/7/17/7175cd6f-f360-5f98-8432-650d1c051917/ 17 KB
17 KB 121ms
121ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79083466e54242df079c1f8a26f06a76ad40272869bed59d1d4af12f50b60ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=17530, status=webp_bigger
last-modified: Tue, 01 Mar 2022 23:39:04 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "06caf0d46370f6dc8c55c5ae38ba97d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 02 Mar 2023 00:33:28 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9cbe2f2e1292b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 / Show response
cmp.osano.com/ Frame 3AA4 4 KB
1 KB 18ms
18ms Document
text/html 2600:9000:206f:f200:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.osano.com/
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

content-type: text/html
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
server: AmazonS3
content-encoding: br
date: Thu, 10 Mar 2022 05:02:31 GMT
etag: W/"287b497c992487af362d33204f87d28f"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: E_YE8blrAHTAUkiEsERxrQtaSYmifXCphpQar-4Zweizu17yRykR7w==
age: 34020

GET /
trib.com/tncms/messaging/service-worker/ Frame 0
0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 57 B
400 B 115ms
115ms XHR
application/json 216.137.42.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Ftrib.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.137.42.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-216-137-42-177.lhr61.r.cloudfront.net
Software: Server /
Resource Hash: 8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:29 GMT
via: 1.1 ca8dbf5658b41cf179a2ae3717fdfcca.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: LHR61-P2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 57
x-amz-cf-id: u4d7F0kR7tLuuhL6k05t2n6fYNp76283Nu5P9bckx6VxSakl2dFWdg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 98ms
34ms XHR
application/javascript 216.137.42.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.137.42.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-216-137-42-177.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 04:44:20 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 35111
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
via: 1.1 2d58292dbdc9e6483e90b0792b8c3584.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: LHR61-P2
content-type: application/javascript
x-amz-cf-id: -jv2jRDfZsBw1D_07UtX9V8ayr6YtQYWRH1PwcKcbUXyePP8pNBkNQ==

GET
H2 200 pubads_impl_2022030801.js Show response
securepubads.g.doubleclick.net/gpt/ 358 KB
121 KB 17ms
17ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065589

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123897
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Mar 2023 14:27:13 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 248 B
152 B 52ms
27ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=trib.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

27737a746224f18f95c86e19bbfcb9d01a59f5f14d1a5c2fcf4ea982c4ce71a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127
x-xss-protection: 0
expires: Thu, 10 Mar 2022 14:29:30 GMT

GET
H2 200 i99g3gee.js Show response
d81mfvml8p5ml.cloudfront.net/ 13 KB
5 KB 191ms
20ms Script
application/javascript 2600:9000:206f:8e00:2:36a1:2f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:2:36a1:2f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:21:11 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 19:07:57 GMT
server: AmazonS3
age: 500
etag: W/"d5439e10177501ec79fe34fba97cb263"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: _5ZuW7jqqPsqZeDYhy9UupsTcoK1aCHdWL9lr7jtT_elUY4yRqsmYw==

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/02044958792d6a6ac6f173c470836c89/ 7 KB
3 KB 260ms
112ms Script
text/javascript 2a0b:4d07:1::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.survicate.com/workspaces/02044958792d6a6ac6f173c470836c89/web_surveys.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:1::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c890ccaefb37450e0dd87d54a39c457e663b2428a04e62557b29879204f5d5fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 13:30:46 GMT
server: keycdn-engine
x-amz-request-id: ESE4RNN7RJ2DSA29
x-edge-location: defr
etag: W/"21dff7e6e8f7903213cd6b065ad250cd"
x-cache: REVALIDATED
x-amz-version-id: C8suakgjkh.WyX85z3vLphBwEtb3B9cl
access-control-allow-origin: *
cache-control: max-age=300
content-type: text/javascript
x-amz-id-2: TTMmKnD+n3ww5HO8Xpyv1twSu5gcxzxfM8aKFwIc83QM9xBjEqOx/42pUPhMwxsSq5oY/Ojjpl4=

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 2C3F
Redirect Chain

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

138 B
668 B

98ms
20ms

Document
text/html

108.157.1.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.1.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-1-150.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Last-Modified: Fri, 01 Oct 2021 23:50:10 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 10 Mar 2022 03:46:50 GMT
Cache-Control: max-age=86400
ETag: "50351b1f6590b5c4886c111874e016a0"
X-Cache: Hit from cloudfront
Via: 1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P2
X-Amz-Cf-Id: bqQ3oitIdsp7BoCQ4BzMeJYGaKxZZqA_PaMo4qMzGgLe8ypaCuY3dw==
Age: 38561

Redirect headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
BLOB 200
OK 26a8d51a-86d7-414f-847e-6e7b6a4e4bb8
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/26a8d51a-86d7-414f-847e-6e7b6a4e4bb8
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 35 KB
12 KB 128ms
81ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=700514979641480&correlator=2439081623838948&eid=31064926%2C31065589%2C44758228%2C31064019&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&gdpr_consent=CPVpHDoPVpHDoEXABADEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=8438%2Ctrib.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=pos%3Dfixed-impact-top%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D2%26lee_hours%3D14%26lee_day%3D4%26fp%3D138&eri=1&cust_params=k%3Dcasper%2520star%2520tribune%253B%2520casper%2520wyoming%253B%2520casper%2520news%253B%2520wyoming%2520news%253B%2520casper%2520newspaper%253B%2520wyoming%2520newspaper%253B%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&abxe=1&dt=1646922570456&lmt=1646921739&dlt=1646922569317&idt=1086&biw=1600&bih=1200&oid=2&adxs=799&adys=0&ucis=1&adks=1850792709&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftrib.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=528037528.1646922570&ga_sid=1646922570&ga_hid=125687938&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0802c63eabb291031431a22dede92dd27b2cd1429a8e6f0a65e48bd71b54aa7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12033
x-xss-protection: 0
google-lineitem-id: 5915959080
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383544273
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 19 KB
8 KB 152ms
105ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=700514979641480&correlator=1048363261832240&eid=31064926%2C31065589%2C44758228%2C31064019&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&gdpr_consent=CPVpHDoPVpHDoEXABADEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=8438%2Ctrib.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=pos%3Dbreakout_top%2Cbtf%26density%3Dstandard%26lee_group%3D9%26lee_hours%3D14%26lee_day%3D4%26fp%3D138&eri=1&cust_params=k%3Dcasper%2520star%2520tribune%253B%2520casper%2520wyoming%253B%2520casper%2520news%253B%2520wyoming%2520news%253B%2520casper%2520newspaper%253B%2520wyoming%2520newspaper%253B%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&abxe=1&dt=1646922570462&lmt=1646921739&dlt=1646922569317&idt=1086&biw=1600&bih=1200&oid=2&adxs=315&adys=827&ucis=2&adks=934792290&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftrib.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x250&msz=1600x250&fws=4&ohw=1600&ga_vid=528037528.1646922570&ga_sid=1646922570&ga_hid=125687938&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3eaa07986feefceec199370c4dfdcec69afe13ecff226352da795a6d92b74b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8420
x-xss-protection: 0
google-lineitem-id: 5872678011
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138376918622
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 18 KB
8 KB 116ms
70ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=700514979641480&correlator=1461975666460070&eid=31064926%2C31065589%2C44758228%2C31064019&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&gdpr_consent=CPVpHDoPVpHDoEXABADEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=8438%2Ctrib.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=3x1&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=pos%3Dnative_ad_grid_v3%2Catf%2C50%26density%3Dstandard%26lee_group%3D2%26lee_hours%3D14%26lee_day%3D4%26fp%3D138&eri=1&cust_params=k%3Dcasper%2520star%2520tribune%253B%2520casper%2520wyoming%253B%2520casper%2520news%253B%2520wyoming%2520news%253B%2520casper%2520newspaper%253B%2520wyoming%2520newspaper%253B%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&abxe=1&dt=1646922570464&lmt=1646921739&dlt=1646922569317&idt=1086&biw=1600&bih=1200&oid=2&adxs=1155&adys=1144&ucis=3&adks=1964058597&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftrib.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=325x1&msz=325x1&fws=4&ohw=1600&ga_vid=528037528.1646922570&ga_sid=1646922570&ga_hid=125687938&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4700f5f6768a5e501b6f56b6f3911208143e649c1e1e5760e44da8035f0e21cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
google-lineitem-id: 5851986392
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374522554
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 323 B
715 B 111ms
65ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=700514979641480&correlator=2723226669556961&eid=31064926%2C31065589%2C44758228%2C31064019&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&gdpr_consent=CPVpHDoPVpHDoEXABADEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=8438%2Ctrib.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=5x1&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=pos%3Dmembers-impact%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D1%26lee_hours%3D14%26lee_day%3D4%26fp%3D138&eri=1&cust_params=k%3Dcasper%2520star%2520tribune%253B%2520casper%2520wyoming%253B%2520casper%2520news%253B%2520wyoming%2520news%253B%2520casper%2520newspaper%253B%2520wyoming%2520newspaper%253B%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&abxe=1&dt=1646922570467&lmt=1646921739&dlt=1646922569317&idt=1086&biw=1600&bih=1200&oid=2&adxs=798&adys=6038&ucis=4&adks=2602136340&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftrib.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=528037528.1646922570&ga_sid=1646922570&ga_hid=125687938&ga_fc=false&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddf0f071303ae0bde8871d69eebdf08794299cb7fdfc84ff9bda14d3fb365151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
79b224d51ba85016c58acc9eb0755626.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D8D4 6 KB
4 KB 108ms
32ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://79b224d51ba85016c58acc9eb0755626.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 10 Mar 2022 14:29:30 GMT
expires: Fri, 10 Mar 2023 14:29:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK 02493b74-84f7-4a92-b1f4-260dc5653e13
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/02493b74-84f7-4a92-b1f4-260dc5653e13
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a56719a7-44f2-4083-b317-f58f4f227f46
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/a56719a7-44f2-4083-b317-f58f4f227f46
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 72c0ead2-a8db-4d9e-b73d-8f9580d1d90d
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/72c0ead2-a8db-4d9e-b73d-8f9580d1d90d
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 70e9c061-fb91-4140-a667-95aaf640ce91
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/70e9c061-fb91-4140-a667-95aaf640ce91
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK ddfe5d13-7ea4-45eb-83b1-cc8dc7f84356
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/ddfe5d13-7ea4-45eb-83b1-cc8dc7f84356
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 458335dd-d249-431c-8e50-f0828e0016fb
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/458335dd-d249-431c-8e50-f0828e0016fb
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK e77f2578-1b3a-44c4-bcad-7f37b6aa1102
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/e77f2578-1b3a-44c4-bcad-7f37b6aa1102
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK fac979f4-6f0e-47a3-8b01-fb96762156eb
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/fac979f4-6f0e-47a3-8b01-fb96762156eb
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a9354026-14de-4e0f-8b62-ccf93f64dbc6
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/a9354026-14de-4e0f-8b62-ccf93f64dbc6
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 729e78e5-ec7b-474d-abd4-4996f4c04a0d
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/729e78e5-ec7b-474d-abd4-4996f4c04a0d
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK f28d84a2-ebeb-440b-9496-75cd74cf0d91
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/f28d84a2-ebeb-440b-9496-75cd74cf0d91
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 / Show response
dn1i8v75r669j.cloudfront.net/v/ 67 B
343 B 91ms
21ms Script
application/json 2600:9000:206f:fe00:7:5031:dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dn1i8v75r669j.cloudfront.net/v/?w=i99g3gee
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0aae37caeb1c5064881f16534e735f299658ad15ebe527cb1969e75d9ceb1c40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:25:46 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
age: 224
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: RRe8WVxXLNGuqwxPZZtI0gZJK0ltgsAG29Lzo_4V0ZFjibG15kQujg==

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 438E 0
0 74ms
47ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst4hWMLu26C9zdCHs5ubIauRdu-aOk079lMmoTLlFwN112JwOCiNHwCSJSNuWVm7qPgKJvUYn6Vp9sf2PUD9Ie1QevdHDVQ3YvGdLSduXKTP594kMsUFTRY1YqUCfTtDBnjBeu6_7GSVoi-VNmMBxOzvoX-3mU77gojr8dOwsEenHiITkVMMKiMJNCeh2L_I7bggJyIX_N-4PIM8lgByrYQiVFchDutlKjzP5xcrcpV9iqcP5ziOqOf8gMtwPoHlO5x5WlfYIvfv4iEu6_bM5I6kHpfbTYeiucL9ac05nMJwo6acDbz&sig=Cg0ArKJSzK-TPtSW5AkfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 438E 11 KB
4 KB 86ms
30ms Script
application/javascript 108.157.4.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=lee_mid_article_native
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-12.dus51.r.cloudfront.net
Software: /
Resource Hash: ee0900e843e2647636742d9ffb71b05586f00f5b6a980c70baab3759fd5e87a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
via: 1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
age: 265
etag: "66f129c089d88ed7c3fc8c79a7de8c2c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P2
content-encoding: gzip
content-length: 3960
x-amz-cf-id: edOOX34dsQBrz3yJTg1sSuVw9juD7gwmc-o8FaFShLLUomH1JgmqIg==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 438E 117 KB
36 KB 78ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:30 GMT

GET
H2 200 62299b1ee932e.preview.png
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/c/19/c19b9277-211e-5d27-beef-874ce8c55e10/ 43 KB
43 KB 133ms
132ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/c/19/c19b9277-211e-5d27-beef-874ce8c55e10/62299b1ee932e.preview.png?crop=620%2C349%2C0%2C0&resize=400%2C225&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55b2d3a6c1e73324dd504475718352d54ec66b66e8a5f16b3492a49de31d88f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=76417
last-modified: Thu, 10 Mar 2022 06:30:55 GMT
content-disposition: inline; filename="62299b1ee932e.webp"
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "93b5c6479303cd6a9da6abfccb213068"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 10 Mar 2023 09:37:00 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9cbe32cedf92b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6229976cf1bfd.preview.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/3/c5/3c56a748-44de-5fc2-8ff7-3489f43cbf8f/ 15 KB
16 KB 128ms
128ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/3/c5/3c56a748-44de-5fc2-8ff7-3489f43cbf8f/6229976cf1bfd.preview.jpg?crop=1810%2C1018%2C0%2C63&resize=400%2C225&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68d0edbcc9baefe699f18679a3a702457852078534611fe0924d4011aca6fd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=18196
last-modified: Thu, 10 Mar 2022 06:15:09 GMT
content-disposition: inline; filename="6229976cf1bfd.webp"
content-length: 15698
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "e9ef9570d3801b8cb1a79bbe880b9c58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 10 Mar 2023 06:36:26 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e9cbe32cee092b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 5f0fe26a820f2.preview.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/7/0a/70aaa42a-a73f-592e-b2f3-bdaadca6e722/ 19 KB
19 KB 130ms
129ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/7/0a/70aaa42a-a73f-592e-b2f3-bdaadca6e722/5f0fe26a820f2.preview.jpg?crop=1763%2C992%2C0%2C91&resize=400%2C225&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a751af56afc484774a251f070f5f2b0f6f9af727a3d767fb5be28fe8b2b9030

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=19285, status=webp_bigger
last-modified: Thu, 16 Jul 2020 05:15:22 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "8656066b5f080babf5121a36998f9846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 01:16:49 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9cbe32cee292b7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1478
date: Thu, 10 Mar 2022 14:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 10 Mar 2022 16:04:52 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame E883 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsusxvyAcdVVItrdVRRUrXbvENk7S5G3zX-IWZY9sr2o58C-trcgY5cnh6DCb175AJZNySRK4a5YpRo2C93vhuqYGx_0AGdmeJ5HYUoHLxLLYwq4aS-FxZeHSAzafpU7aZxiZz9Ke0d50FpbFfrMD5AmPmsvpIxYanX38oBbiGnjOLmH38drmCc2YhVLDguPccRzFzp12yl1rHCsGD8zWJ9iRh95luUPBMqgnoDTD4Hu97NiaOJM-pP0Cqsy1rmxtx3FCZx4wqJBm1QJZUzNvfO9_aTA4p57vdYr0cHAFwFKNcKGXv4vljuByg&sig=Cg0ArKJSzA2NX94j-LjKEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 89ms
36ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 860248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3279
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owMmokz%2FJ0Jhbph2L6aRrWJS8f2OZivKkdQ7kEjx92Rwi8cdnHfKVF7Fkg0HUyaoaIydbpq09A4of%2FDHwA94F7cVLZPTJ8upNNb5mWT5GZ1gdSVIbdFQ12OND91DLuJ6s1jZztmRjl54sSU1dwqbr6IX"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e9cbe334bd59c07-FRA
expires: Tue, 28 Feb 2023 14:29:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E883 117 KB
36 KB 85ms
76ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:30 GMT

GET
H3

200

11139753753507866120
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODA8dfAgQEQARgBMggSLKicT_kERw
https://tpc.googlesyndication.com/simgad/11139753753507866120

459 KB
459 KB

60ms
23ms

Image
image/jpeg

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11139753753507866120

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3834bc943a706105cd6696a28ab8bd8fcd2f5bd68eae19722840de30ed5445a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 08:01:36 GMT
x-content-type-options: nosniff
age: 368874
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470319
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 20:42:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Mar 2023 08:01:36 GMT

Redirect headers

date: Thu, 10 Mar 2022 11:16:17 GMT
x-content-type-options: nosniff
server: cafe
age: 11593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/11139753753507866120
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Apr 2022 11:16:17 GMT

GET
H3

200

3307988277885807439
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODomeCQiwEQARgBMgg9QvG8DD5fJg
https://tpc.googlesyndication.com/simgad/3307988277885807439

202 KB
202 KB

59ms
22ms

Image
image/jpeg

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3307988277885807439

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0819c26fec68702f8ff7a0973a41662d9c8626364b112b5eec9d5451308bc446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 07:21:04 GMT
x-content-type-options: nosniff
age: 371306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207005
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 20:42:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Mar 2023 07:21:04 GMT

Redirect headers

date: Thu, 10 Mar 2022 10:59:03 GMT
x-content-type-options: nosniff
server: cafe
age: 12627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/3307988277885807439
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:59:03 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame C821 0
0 48ms
47ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvjGKpTITZZFM1hCu3TxtsNRV7ke66OHFG-7Ax3Vx_MDq7-ZtM6Q-V-W5tydcI7_FlksMnJHEe67zE23y-B-ciMgQb8Xb5J4v66Sg9qirEAsNYktnMZFA11IPCO-G34zIMQoNRIGlsGoCp01QQk-APkrOAV8m8G2PRu4DTHOnogV8JtiDCvGi3RCdMPO1c9Adl7iihdbYUTOzooDQRt5JMUpfChXfEz2BSozw8BZuqYP1funRXV3VEIdO-dfRi1i-II_s412kqvGBoUNF1KtAa_Eu6ujMiCHvPm636DrkMDcuBaH4xt&sig=Cg0ArKJSzDDNKgKeqm7JEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 smb-dispad_728x90.js Show response
saambaa.com/widget/gpt/728x90/assets/ Frame C821 32 KB
12 KB 648ms
247ms Script
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dbdf0744a013dc2465064690955405988582190840f3f3b8d79b230f1bab2f04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:26 GMT
content-encoding: gzip
etag: "06501db629d81:0"
last-modified: Thu, 24 Feb 2022 19:38:36 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 11515

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C821 117 KB
36 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:30 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
36 KB 84ms
56ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

879214cf759502673dbbc2d404903d666b075daf8b6944469dbc9bfbdb728181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36915
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Mar 2022 14:29:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 71ms
48ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe25948c39b70de9cb3fedf7dff8845f3ca6571cd4e3d44c17ebd17d40069011

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64822
x-xss-protection: 0
expires: Thu, 10 Mar 2022 14:29:30 GMT

GET
H2 200 sp-gzip-2-17-3.js Show response
storage.googleapis.com/lee-snowplow/static/ 77 KB
27 KB 94ms
19ms Script
text/javascript 2a00:1450:4001:813::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:36:56 GMT
content-encoding: gzip
age: 3154
x-guploader-uploadid: ADPycdvxQ9HQ2dVmcSIlT8zCm91xzgfosxdAeqOugJEthwMvkNw8KcDvuXZWlkBXl3GV7a-CtEARvVZSam6kPKcG6AI
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26950
x-goog-meta-
last-modified: Thu, 18 Feb 2021 15:16:40 GMT
server: UploadServer
etag: "d3142accd3f370a95f561f0fbfb3114b"
vary: Accept-Encoding
x-goog-hash: crc32c=C/nZJQ==, md5=0xQqzNPzcKlfVh8Pv7MRSw==
x-goog-generation: 1613661400000346
cache-control: max-age=31536000
x-goog-stored-content-length: 26950
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 10 Mar 2023 13:36:56 GMT

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 93 KB
36 KB 74ms
27ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-TQ9PK73

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7cdbaaf76f67c977f3b4a6906e9f82104a643002c1b73b13f4610be89ba4fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36614
x-xss-protection: 0
expires: Thu, 10 Mar 2022 14:29:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 87ms
31ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600&display=swap

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d2df297341174be85027bbd8afc4dc4f34917eed27cfbc02b3fd37c57f67340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 14:03:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Mar 2022 14:29:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Mar 2022 14:29:30 GMT

GET
H2 200 widget_core-14.3.0.js Show response
surveys-static.survicate.com/ 318 KB
93 KB 87ms
18ms Script
application/x-javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys-static.survicate.com/widget_core-14.3.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 277efb12865b473f3046a93f2bee53394ee5e7cae843926cf958fd97877b2688

Request headers

Referer: https://trib.com/
Origin: https://trib.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: TXVHDJ7V21QJXPET
x-edge-location: defr
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:121050345386:build/ServiceSurveysStaticBuildAs-HG6JoJVHsH3E:aa4a42d4-583c-4e0b-90f2-2a642323d0d0
x-cache: HIT
x-amz-meta-codebuild-content-sha256: cd348d1ad7cb1a8303de6ce572b60a63ab573f7656ca67883794cc338b53aaaf
x-amz-meta-codebuild-content-md5: dff22eec9f0c4300eff3167f5ab36ca0
x-amz-id-2: iu/dXciZ6NZGIypJgq4XvF7efuVI3bXI1z17GEtezRBD7Igr9opbdh5glLuidwZ06zHrMrO0QhA=
last-modified: Tue, 08 Mar 2022 08:40:19 GMT
server: keycdn-engine
etag: W/"1109f47e6379f1c7c0bb6d261aec2cf7"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 2C3F 70 B
260 B 47ms
41ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/a40d8c8472466100a39ccf1a8f985e84c3252b84/dist/ Frame 438E 253 KB
81 KB 28ms
26ms Script
application/javascript 108.157.4.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/a40d8c8472466100a39ccf1a8f985e84c3252b84/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=lee_mid_article_native
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-12.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff7cfb9cb22470507879580b814385fe0165be2cf797b43b370a1be72d9ebfb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:29:54 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 00:26:28 GMT
server: AmazonS3
age: 136777
etag: "ed4c30e50034bcdb125f687153715203"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 82163
x-amz-cf-id: E-qwkGkmI4TyTkMzZPeKYCpZQhcMVA929kgAYsVBHSPdYtNfDc3qOg==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
527 B 113ms
32ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://trib.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 438E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4ffb9386abb88c46a88186bd48755486dc485b463a0ba88e93a7608ebb524a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 i99g3gee_content_config_1627585676199.js Show response
dkpklk99llpj0.cloudfront.net/ 845 B
1 KB 94ms
22ms Script
application/javascript 2600:9000:224a:3200:e:98bf:5f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_content_config_1627585676199.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3200:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c564ab82eab3ab608280194eefcee40765ab7872e8ed349e806e3c3170c4631

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 13:23:00 GMT
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 19:07:57 GMT
server: AmazonS3
age: 3027991
etag: "139043e0f27d6df6fda9a9005cd5c871"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 845
x-amz-cf-id: EU0WKFOiZPmzlVHCaJBu5l4Qb5B9O2zwH96rS0b3p7c4p0jNizt9-g==

GET
H2 200 i99g3gee_1606137453919.js Show response
dkpklk99llpj0.cloudfront.net/ 48 KB
15 KB 94ms
33ms Script
application/javascript 2600:9000:224a:3200:e:98bf:5f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3200:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 14:59:08 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:17:46 GMT
server: AmazonS3
age: 5787022
etag: W/"c1157a2d0ff0aa862fb2fbffb06ab4d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: F3_7efyhcy2ephYpCL7nSTCWeuLOqMf8u9JkH5GIRi1yriLVcb0k5Q==

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame E883 0
0 84ms
50ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstVv04SOyugbRORhlbzk1UPQwnSn8lM68kZZU8PHoN9rbXFBbJsKkud5hatbQJktgOp5qZqLyUUNpc50-HrJtKW6Eep64y_cRCa6hf3QmrfCdKguQHPv_6CWB_x0LOfNZB8rH_RAaYmzeTfTeLmOpp6XV9j0HvM56TbJZbPZMsWql5QHp91DUeA0gjGdrh5MA-1nZA4A0Sooik6HJWKMCpvHMSkZmImNR2LZKoO4SIuA7zV0np4J7D3zvk9OiQfHTHIe1nezGzUulQT2HcYpJRUwtiYkNfSYaQyX9IrRG7ryLz8HItdH-VOuM2Z&sig=Cg0ArKJSzLqVmcGUiQGzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame C821 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fb9b155e6d13e0960911d07f16e13bd376f823f4502bf17d548845feff6308

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK d9744887-06b6-412c-be1d-c74c546accec
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/d9744887-06b6-412c-be1d-c74c546accec
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
456 B 84ms
25ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://trib.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

OPTIONS
H2 200 yy2
a.leetemplates.com/lee/ Frame 0
0 265ms
124ms Preflight 34.102.205.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.205.102.34.bc.googleusercontent.com
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.2.7
date: Thu, 10 Mar 2022 14:29:30 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 yy2 Show response
a.leetemplates.com/lee/ 2 B
333 B 170ms
135ms XHR
text/plain 34.102.205.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.205.102.34.bc.googleusercontent.com
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 10 Mar 2022 14:29:31 GMT
via: 1.1 google
server: akka-http/10.2.7
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: clear
content-length: 2

GET
H2 200 auction Show response
tlx.3lift.com/web/ Frame A06C 49 B
455 B 100ms
52ms Script
application/javascript 54.93.106.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/web/auction?inv_code=lee_mid_article_native&referrer=https%3A%2F%2Ftrib.com%2F&rev=a40d8c8&fe=0&ft=1&cb=6086612132&gdpr=true&cmp_cs=CPVpHDvPVpHDvEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/a40d8c8472466100a39ccf1a8f985e84c3252b84/dist/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.106.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-106-38.eu-central-1.compute.amazonaws.com

Software

Resource Hash

20cb264e054deb038ccc4816ad2ef834b4378d399cfcb66dd0183b6ad7ee0bed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:31 GMT
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-length: 49
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 438E 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstt4RQGNa2QkdKdcxxkOOK7ZEIAse9kkOdLEVBYMKwoQ3HwcIkF93fgeglwTqbOCblNs1i1KUSEkRnpFHMs4R_E3KaBaiYvn4A2lq5-9dABYvNMr0h-HX0GCDieZw5As0SA7QbVyKseIEoxD5UC5vcJecF-bo7TKFhfJQ8T_6eWzKezKbzcf9Ttfbnf5BXo737pwxf9DCLX9Yl2oUEIwu3UDl5RIEhfzmR4VVag0Rz4NQCCCyi7ffiRynE2Vt9s-4NVQhzBbeETkfWCa2dfChlvBukhEuMystXvgcVA2-lGR-c8RHuU71w&sig=Cg0ArKJSzFvXROhVlW4eEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
BLOB 200
OK 339afb9e-d055-44c7-99e7-02db112e3c97
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/339afb9e-d055-44c7-99e7-02db112e3c97
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 18ms
18ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 10 Mar 2022 14:34:52 GMT

GET
H2 200 / Show response
am.freshrelevance.com/tpc/ Frame 498E 5 KB
5 KB 143ms
42ms Document
text/html 52.214.200.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://am.freshrelevance.com/tpc/
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.200.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-200-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd10bc06c6a8d713473deaa6673cbc705f628d301b9e35942ba623c7b60054ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:29:31 GMT
content-length: 4662
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 r
eb2.3lift.com/ 37 B
140 B 61ms
18ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=lee_mid_article_native&aid=8954668514422865721490&rev=a40d8c8&domain=trib.com&ref=https%253A%252F%252Ftrib.com%252F&pr=un&rr=auction&cb=70337
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b207edab29fd7ce4ef1538cc804a5b6c4a00f054f272e0f4f7a05a39e037f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62103
x-xss-protection: 0
expires: Thu, 10 Mar 2022 14:29:31 GMT

POST
H2 200 /
trib.com/tncms/tracking/business/block/ 0
150 B 114ms
114ms Ping
application/octet-stream 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/tncms/tracking/business/block/?i=fa0ec768-c36c-581d-86e8-3a4c6388ecb9,71826de8-0ba9-554e-a4ad-dd08ed566fa1,3c955e9c-1610-54ed-81c8-2e1fb128f406,
Requested by: Host: trib.com
URL: https://trib.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

real-hostname: trib.com
x-vcache: MISS
age: 0
date: Thu, 10 Mar 2022 14:29:31 GMT
content-type: application/octet-stream
cache-control: s-maxage=0, private, no-cache
accept-ranges: bytes
content-length: 0

POST
H2 200 /
trib.com/tncms/tracking/classifieds/featured/ 0
150 B 113ms
113ms Ping
application/octet-stream 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/tncms/tracking/classifieds/featured/?i=69116d0e-38d4-11ec-804e-33393d70ce7c,
Requested by: Host: trib.com
URL: https://trib.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

real-hostname: trib.com
x-vcache: MISS
age: 0
date: Thu, 10 Mar 2022 14:29:31 GMT
content-type: application/octet-stream
cache-control: s-maxage=0, private, no-cache
accept-ranges: bytes
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ Frame C821 6 KB
670 B 56ms
28ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 14:00:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Mar 2022 14:29:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Mar 2022 14:29:31 GMT

GET
H2 200 select.css
saambaa.com/widget/gpt/728x90/assets/ Frame C821 1006 B
737 B 125ms
123ms Stylesheet
text/css 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/select.css
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:26 GMT
content-encoding: gzip
etag: "02525d0cceed21:0"
last-modified: Mon, 26 Jun 2017 22:37:38 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 645

GET
H2 200 smb-dispAd_728x90.css
saambaa.com/widget/gpt/728x90/assets/ Frame C821 11 KB
3 KB 126ms
124ms Stylesheet
text/css 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 97ded2a432e64f4e5086f03ae1238d87e1e2ffdd63216d068996c566aa55882b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:26 GMT
content-encoding: gzip
etag: "80ac7208c46d71:0"
last-modified: Tue, 11 May 2021 17:36:09 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 2982

GET
H2 200 0 Show response
api.saambaa.com/properties/widgetconfig/728x90/partner/trib/platform/ Frame C821 4 KB
2 KB 377ms
368ms Script
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.saambaa.com/properties/widgetconfig/728x90/partner/trib/platform/0?callback=__smbcfgldr358949
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2e0ebee7b7f89d12dc6dec9101742933c43d3ce47713b1d4cd1ad3360d32834a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:27 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-length: 1592
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C821 81 KB
27 KB 54ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5770f72d26f8dd6f6d49e97f86f512cf2550105ff36c1ba1781d2757bc9e31bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27775
x-xss-protection: 0
server: sffe
etag: "1154 / 978 of 1000 / last-modified: 1646914126"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Mar 2022 14:29:31 GMT

GET
H2 200 saambaa_prebid.js Show response
saambaa.com/assets/js/ Frame C821 363 KB
108 KB 127ms
125ms Script
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/assets/js/saambaa_prebid.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6d69434d10f3b284edb24e748769b43d4f667026dfc91a347958f3d299d14a8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:27 GMT
content-encoding: gzip
etag: "0afe6f5f03d81:0"
last-modified: Fri, 07 Jan 2022 18:04:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 109774

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame C821 76 KB
30 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13aa2e1844715382088baf445f2312c6ca906c083ab744dea16443ae4de40a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30765
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Mar 2022 14:29:31 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C821 49 KB
20 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1479
date: Thu, 10 Mar 2022 14:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 10 Mar 2022 16:04:52 GMT

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C821 364 KB
122 KB 17ms
17ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Mar 2023 14:21:56 GMT

GET
H2 200 get Show response
am.freshrelevance.com/ 1 B
97 B 113ms
37ms XHR
text/plain 52.214.200.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%22qj9k236cx6%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22w%22%3A%22i99g3gee%22%7D%7D
Requested by: Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.200.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-200-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Mar 2022 14:29:31 GMT
content-type: text/plain; charset=utf-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame C821 24 KB
10 KB 59ms
20ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:31 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 17 Mar 2022 14:29:31 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/ Frame C821 76 KB
18 KB 63ms
18ms Script
text/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e95091526118bd0ea713b83e5360e5aefa65bc7d0d0336847a90996ddbee127e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:31 GMT
Content-Encoding: gzip
Age: 338
X-Cache: HIT
Connection: keep-alive
Content-Length: 17686
x-amz-id-2: Y4ChbdyBd+SEiykVnzd/psc0pu5Pd5wiQMkTZsNyTmsrI7kbxL4jyprwZa+wTfqjux90HGj0cK8=
X-Served-By: cache-hhn4030-HHN
Last-Modified: Thu, 10 Mar 2022 14:05:49 GMT
Server: AmazonS3
X-Timer: S1646922572.848971,VS0,VE0
ETag: "ea8907c594e447c7330944ee2e3aaae0"
x-amz-request-id: 55S14TV7G80H1SNG
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 7

GET
H2 200 0 Show response
api.saambaa.com/post/storyboard/2602/market/ Frame C821 544 B
594 B 520ms
147ms XHR
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.saambaa.com/post/storyboard/2602/market/0
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 232bf7998ebafda88a66a06d9c3b238b47df0ae62748a99df119038e965ed2f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:27 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
content-length: 379

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C821 152 KB
53 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4824951468046394

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed94b8ac3f21f667601b895efee191821883b03e4382eaf6b17fcd98896cf408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Origin: https://trib.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53751
x-xss-protection: 0
server: cafe
etag: 9267853621531147600
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:31 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame C821 35 B
55 B 18ms
17ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1947673409&t=pageview&_s=1&dl=https%3A%2F%2Ftrib.com%2F&dp=widget%2Fgpt%2F728x90%2Ftrib&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=728x90&je=0&_u=aEAAAAABE~&cid=327101017.1646922572&tid=UA-172552200-29&_gid=1178922164.1646922572&z=1604645201

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 12:11:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8288
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame C821 35 B
55 B 18ms
17ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1947673409&t=pageview&_s=1&dl=https%3A%2F%2Ftrib.com%2F&dp=widget%2Fgpt%2F728x90%2Ftrib&dh=trib.com&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=728x90&je=0&_u=aMAAAAABE~&cid=cbdbf79e-d681-409d-ab0b-14f5d49fdc82&tid=UA-55160257-4&_gid=65479760.1646922572&z=2013758363

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 12:11:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8288
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo-saambaa.png
saambaa.com/assets/image/ Frame C821 2 KB
2 KB 130ms
129ms Image
image/png 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/logo-saambaa.png
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:26 GMT
etag: "22c03482ba3bd31:0"
last-modified: Mon, 02 Oct 2017 20:10:35 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 2412

GET
H2 200 loader-dots.gif
saambaa.com/widget/gpt/728x90/assets/ Frame C821 33 KB
33 KB 129ms
129ms Image
image/gif 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/widget/gpt/728x90/assets/loader-dots.gif
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:26 GMT
etag: "02525d0cceed21:0"
last-modified: Mon, 26 Jun 2017 22:37:38 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 33406

GET
H2 200 sidestage-728.jpg
saambaa.com/assets/image/ Frame C821 45 KB
45 KB 133ms
133ms Image
image/jpeg 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/sidestage-728.jpg
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 87a6266c72bd0c1cfd50b1725c7e3f7a1e87773f0df81d50c4d1d404d9fe7ebf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:27 GMT
etag: "b83fbea8ad66d61:0"
last-modified: Thu, 30 Jul 2020 20:11:50 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 46329

GET
DATA 200
OK truncated
/ Frame C821 690 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 rules-p-TWKb6gH_3MnFX.js Show response
rules.quantcount.com/ Frame C821 2 B
345 B 144ms
28ms Script
application/javascript 2600:9000:225f:5e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:5e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:47:23 GMT
via: 1.1 b856a1aa27e94fb19383ead3883c0db4.cloudfront.net (CloudFront)
server: AmazonS3
age: 2527
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: TXL50-P2
content-length: 2
x-amz-cf-id: 6pk-a5ODGsLsaMhPwrCzpS7Fbs-VZZs2AEWv6JySF66XrpbT8lUcIw==

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ Frame C821 292 KB
105 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4824951468046394&plah=trib.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4824951468046394

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aa8374b1a84ef714153d1a4cfe234813ff6c118c3cafe545a6b8fd5d9c2d57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107520
x-xss-protection: 0
server: cafe
etag: 11400439825139180766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame 2146 10 KB
5 KB 65ms
19ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4824951468046394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 09 Mar 2022 23:41:54 GMT
expires: Wed, 23 Mar 2022 23:41:54 GMT
cache-control: public, max-age=1209600
age: 53258
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203021325/ Frame C821 191 KB
61 KB 19ms
19ms Script
application/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203021325/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a69669a5a840a3b88c0a6a09d414800480e4869b86caa62b2cadf630ef7e478

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:31 GMT
Content-Encoding: gzip
Age: 248
X-Cache: HIT
Connection: keep-alive
Content-Length: 62318
x-amz-id-2: fncaEIowuAXyxkJnQkQfJ71ReuZFUO2hvmXIVardDfZqo2KmcQOKQmHJM56pT4GZsApke2I+OuM=
X-Served-By: cache-hhn4030-HHN
Last-Modified: Wed, 02 Mar 2022 18:49:58 GMT
Server: AmazonS3
X-Timer: S1646922572.896480,VS0,VE0
ETag: "d4957d4e1f94bb74a7ad7c463b54f902"
x-amz-request-id: R1M2G5TBTSNP269T
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 909

GET
H2 200 pixel;r=1857444418;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Ftrib.com%2F;uh=u;uht=u;ns=1;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=1;gdpr_consent=CPVpHD4PVpHD4EXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCF...
pixel.quantcount.com/ Frame C821 35 B
210 B 53ms
21ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantcount.com/pixel;r=1857444418;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Ftrib.com%2F;uh=u;uht=u;ns=1;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=1;gdpr_consent=CPVpHD4PVpHD4EXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA;us_privacy=1---;ref=;d=trib.com;je=0;sr=1600x1200x24;dst=0;et=1646922572016;tzo=0;ogl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame C821 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst-x0sY8ceS4KNsJrrAWJGUxAdR3wfjGiImD4_iJBFMc8l04EECx1Pzurh5RYw06zha7W7MrMAELoi9JmURhpt7myJOtT37BOLKxYQNUAjLaa6Shb_TN1iApMAWczxb1-RF7P6EqlhPysyTr7EZY_pJ8WbSPY4mfxk48QjhJMYMkR3Nedh5FxCUpNu0vewrZtWpVx5Z3RISV8owk5Ci433CCDKEQTZHxtd3UH5L1bqrvC5Jvekn8h4X-YzGYiwSfKjikjZu5XwBaVgGjB7X6YTMTTCkPKNHVsqGZpGjdKr5yq7WvcBoRDA&sig=Cg0ArKJSzPPNKOqg-P-3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=690535608/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20... Frame FCF2
Redirect Chain

https://bcp.crwdcntrl.net/5/c=6894/rand=690535608/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site...
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=690535608/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%2...

163 B
403 B

52ms
52ms

Document
text/html

54.229.233.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=690535608/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22casper%20star%20tribune%3B%20casper%20wyoming%3B%20casper%20news%3B%20wyoming%20news%3B%20casper%20newspaper%3B%20wyoming%20newspaper%3B%22%7D/rt=ifr
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.233.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-type: text/html;charset=utf-8
content-length: 163
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.5.144
x-consent: absent
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=690535608/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22casper%20star%20tribune%3B%20casper%20wyoming%3B%20casper%20news%3B%20wyoming%20news%3B%20casper%20newspaper%3B%20wyoming%20newspaper%3B%22%7D/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.21.150
server: Jetty(9.4.38.v20210224)

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 98ms
23ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:32 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 89ms
25ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:32 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 94 B
836 B 136ms
44ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22203206523564ca%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=11b466c8-8f1e-4618-b2d6-a2291c50d05e&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

31d8f5490ebd7406cb72ff8a717173b9bfcc99a9117a15331dd0c43d84ac81f1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 119
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame C821 87 B
170 B 463ms
118ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 08f7192850887c2df5f5eb8ca30cc8f834e3926c21cb175ffe73fd971e166893

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame C821 0
204 B 521ms
304ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 200
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 15 KB
8 KB 273ms
235ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

53da55207c441ee8c7b9519bf1d0d18770e2e91e83bf1f29665470017a8f56aa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f497b285-de8e-4355-a457-c0b76c6e9ba0
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C821 0
55 B 422ms
128ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame C821 0
164 B 76ms
30ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 50 B
737 B 128ms
92ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4d59fe88-ea7d-4205-b03a-dbdc430d1d1c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 37 B
334 B 76ms
23ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22159c01d7a4da0cd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216d968d0908b433%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc8fad808172be54f001c0f3d6877e59fce3e5a21d47d1899ff1e7578efa67c2

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:32 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
153 B 81ms
36ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922572343&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame C821 94 B
741 B 140ms
91ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 8c139854a2247300a497913116e881e099cd622cc0b18d5cbc38c9b9455ea17b

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
279 B 77ms
30ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe3d88519bf5-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C821 0
55 B 448ms
162ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 95 B
841 B 122ms
44ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2227d5c6a6408d344%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90b_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=169075ed-80a7-41e4-8f15-5522e23daa8a&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

5892a6c0477e5e39ee674a39b240944e46dbaf2194033b611a18bb0d85129a51

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
154 B 72ms
33ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922572348&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame C821 0
342 B 371ms
166ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 63
vary: origin, Accept-Encoding

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 37 B
334 B 70ms
25ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22324f6115a351b26%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2233eb6d93a41f1d2%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d0a536a578718f61e75d691066ab6cb29f8819d04c2a32d5eccb6231b8cefddc

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:32 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame C821 0
164 B 78ms
34ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame C821 94 B
739 B 157ms
105ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: bf598097c8d40d9d20b14f880d6630fdac2c23431d025ba1dd17d3d822b42353

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame C821 87 B
337 B 432ms
103ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 302cb6def0635636470bf6369f72b401df02b6a028bd41be6547195c7e66f6e9

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
35 B 68ms
31ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe3d88549bf5-FRA
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 50 B
737 B 90ms
55ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 79482514-7c0e-4636-949e-ad3fee84ba22
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 15 KB
8 KB 275ms
238ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8947850b9f976d1f1cbd263066e9395f7a0649766aa6fab4643648c475542a98

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9ac5b9e8-967a-4bbb-963c-a305b2e51b07
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 blank.png
saambaa.com/assets/image/ Frame C821 68 B
151 B 124ms
123ms Image
image/png 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/blank.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:27 GMT
etag: "cebd78f2e7a5d31:0"
last-modified: Wed, 14 Feb 2018 23:02:54 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 68

GET
H2 200 728x90_ukraine_family_v1.png
saambaa-static.azureedge.net/sidestage/ Frame C821 19 KB
19 KB 95ms
19ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa-static.azureedge.net/sidestage/728x90_ukraine_family_v1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: b0824285ab642b362c0d255978a157f91aaea39966ab417326018a1d1c8ecb0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 10 Mar 2022 14:29:32 GMT
last-modified: Wed, 09 Mar 2022 18:04:48 GMT
server: ECAcc (frc/8FA5)
content-md5: cIQDXScCyrRkHA+WuI0dEQ==
age: 73143
etag: 0x8DA01F74D026679
x-cache: HIT
content-type: image/png
x-ms-request-id: 907e3562-a01e-0027-7de0-33774b000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 19553

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 23ms
23ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:32 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 50 B
737 B 18ms
18ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bcfea5d0-59b0-4d39-9080-d8df79a50d4b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C821 0
55 B 274ms
91ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame C821 95 B
741 B 137ms
103ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: a6f15d7289af89a0b23154609c5be954c0cd3b321e2d51493cf0b114b857fdae

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 138 B
826 B 35ms
17ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a69b35bbf528b38f25345885713a8d6dd54dc23652c2190f7c7dfea30bd8550e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 77637f16-87d0-49b0-9d15-a07ebc38b119
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
153 B 39ms
39ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922572452&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame C821 0
164 B 41ms
33ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame C821 0
204 B 330ms
230ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 128
vary: origin, Accept-Encoding

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
36 B 23ms
23ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe3de94b9bf5-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 37 B
334 B 24ms
24ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2263823c125bc0a43%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22644dcc222ca126b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9f563d7dbb40d0c55a4101446ddde97aceb7e2896b1b3c3f4a1d4737c568876e

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:32 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 95 B
841 B 43ms
29ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22665967fe228e9b1%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90c_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=e93107c7-ec66-4201-ae53-17e35189e500&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

12031675adcc5ab7d0240fc9aa15c8f4fd1ad7c0ac2e21c26e99b67c25335778

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame C821 87 B
170 B 326ms
104ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 5c7cc00545a897c8f8fe3ddef46c3bc799701d388c1391c68634ed15e631f049

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 24ms
24ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:32 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C821 0
111 B 248ms
85ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame C821 95 B
739 B 151ms
125ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b5f11c9aca2586bcf8e195024e473219fab3685030ec1340998f3c2b8bbc3a92

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 50 B
737 B 18ms
18ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 864e0dbc-8df3-4a95-aa01-c5f558efbc33
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
36 B 21ms
21ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe3e098a9bf5-FRA
access-control-allow-headers: Content-Type, Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 95 B
637 B 46ms
46ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2278ee8e67d8f3326%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90d_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=31b636a3-c93a-42c0-b503-15e5c7375b21&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

f2be60a4f44c0cf6f9da97b706c3b11b01fdbd6bac61abd34155731f437264ac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame C821 0
228 B 285ms
206ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:31 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 102
vary: origin, Accept-Encoding

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame C821 0
164 B 44ms
44ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
153 B 25ms
25ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922572475&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 37 B
334 B 25ms
25ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2285e24449ff17e8e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2286afc2c2c2040e7%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 56b9705924e53f0eaec235615d018124fe8e730938aa1ba10d96bc80d4816b76

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:32 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 13 KB
7 KB 352ms
342ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2f8a5315c559f2cf6b98112363da245ef0e9033d46f731a8bb50e3991a96b1ca

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 682a11af-3a1e-4182-8004-6ac3627c5190
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame C821 87 B
179 B 311ms
110ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 4cd992fa85c18251d446c9cd271ca16eb1c723ba1fd9d1dcfc7d29f6a23f06d0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 25ms
24ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:32 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame C821 0
164 B 32ms
32ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 95 B
639 B 30ms
30ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2294c3f97e694af2a%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90e_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=fa8d486d-44f2-4129-a665-c64acc84bb41&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

d8facc234fff9d7363bde3353252d8cda51972610b627e4da845736e38a9406b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
36 B 22ms
22ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe3ffdee9bf5-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
153 B 41ms
41ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922572788&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame C821 95 B
741 B 89ms
89ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: f2a2a2ab2367462121daee2556231fd6ab20628ed4156e3b77d6d14f798a381d

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame C821 87 B
126 B 125ms
106ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 24d2826cc3bcce61c44239bec214c1f133f20b990dbebdca32a2d9574df7a511

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C821 0
55 B 98ms
98ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 38 B
335 B 23ms
23ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221051fdb66754b34d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221069248e20cda7e9%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ddc524cc8bb42cfd3c6ae598e876a3447666a4e4df17425bada064e50d028eb6

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:32 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame C821 0
204 B 208ms
207ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 103
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 16 KB
8 KB 273ms
273ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7be6f15cdc72225823e4623ca073348f902ab15469592a8c73d8e5313cc69a89

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3625a520-beb1-4e4d-970f-634cc9d524a1
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 50 B
892 B 31ms
31ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 04f0509f-d9b8-4032-9a99-2c66afc0328b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 28ms
28ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:32 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame C821 87 B
128 B 124ms
110ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 4cf989ebb9b84347f3ee9a3109d783739f0d095be986f149f98d9a7325308efa

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 96 B
640 B 44ms
44ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22116a225c285022f5%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90f_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=20ac64e5-e8b6-4afa-ac19-45b438d17d3e&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

2afb0d9d9ea6584f6897f87cde4c1858a6c5965c3d053353335fbc6334783909

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C821 0
55 B 79ms
78ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 15 KB
8 KB 247ms
246ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

767b5a370edde3b284a6cdbbf1a740435695ef2d866c44fb16f0c3ba189fd886

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 04119fe4-d612-46e1-88a5-f33e5d45656f
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame C821 95 B
739 B 96ms
96ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: ef9f0f4dd87f1a1404235923028ef1cde065889bcd3b476ca38aebcd257a343d

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
36 B 22ms
22ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe400e049bf5-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame C821 0
204 B 202ms
202ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 99
vary: origin, Accept-Encoding

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
153 B 27ms
27ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922572797&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame C821 0
164 B 43ms
42ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 50 B
892 B 29ms
29ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 71885be1-fa75-4d59-930c-5e153de38bb9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 38 B
335 B 25ms
25ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221331ded05c3a8fbe%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2213469ef55bf7e462%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ad140363f2ecb8dae5add2025074460497f8872e300641aabbc456595aabdfd6

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:32 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C821 18 KB
8 KB 120ms
120ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4237121729629342&correlator=3357105317300730&eid=31064150%2C31065372&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpHEAPVpHEAEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&eri=1&cdm=trib.com&abxe=1&dt=1646922572826&lmt=1646922572&dlt=1646922570718&idt=812&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=hga2915rbq8i&adks=2665021203&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=327101017.1646922572&ga_sid=1646922573&ga_hid=1947673409&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ca55d4c101634b817a99d81d3a3c5b8e85a0b80042739634f73fc7186203091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8347
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608323
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ded9ebe03ade0babe47a3773dadea74c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3CFB 6 KB
3 KB 42ms
27ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded9ebe03ade0babe47a3773dadea74c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 10 Mar 2022 14:29:32 GMT
expires: Fri, 10 Mar 2023 14:29:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C821 18 KB
8 KB 66ms
65ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4237121729629342&correlator=3518825513956561&eid=31064150%2C31065372&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpHEAPVpHEAEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.02%26hb_adid_oftmedia%3D2264123a30729b69%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D2264123a30729b69%26hb_bidder%3Doftmedia&eri=1&cdm=trib.com&abxe=1&dt=1646922572836&lmt=1646922572&dlt=1646922570718&idt=812&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=6iz86f2furw6&adks=2384033330&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=327101017.1646922572&ga_sid=1646922573&ga_hid=1947673409&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97ed2d9b68d257ca193014ee7341f9d6a31e8cb468280308d71ab69354724b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8348
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317602674
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 26ms
26ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:32 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 50 B
892 B 28ms
28ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 33d5ea2c-2965-4814-acd2-c31ed2d68dfa
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
153 B 39ms
38ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922572848&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
36 B 28ms
27ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe405edd9bf5-FRA
access-control-allow-headers: Content-Type, Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 96 B
640 B 42ms
42ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221425861286ae490f%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90g_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=d9c3e71c-3305-4153-be6a-e652df0b1b8a&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

f70db7a717ec2b5eb347fe599bdcf525029a9d27ae5a8b9003cf989d46100d0d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame C821 95 B
738 B 102ms
102ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 14b6bf15745fcb2f4f9c225d2b2b86ceeeaa90a2092f6bfc9c58f490404d5fe3

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame C821 0
204 B 165ms
164ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 61
vary: origin, Accept-Encoding

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame C821 0
164 B 29ms
27ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C821 0
55 B 90ms
90ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame C821 87 B
128 B 107ms
107ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 9566241315f2d4effdeebf75cac8ada41584a4f16583315e535242845a6e60c3

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 15 KB
8 KB 157ms
157ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

87e886bab48eed50e9eba03120bd08543d719d9deaa17236f6e45c9333f921e8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6dbed8df-0359-4729-afa9-6ca69551d130
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 37 B
334 B 22ms
22ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22155a9c0c38afee3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221564c79d352fceae%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 38ab564955aaa11c8af6e697c4a5a199ee5bf28ceecbb5c68acf6c66418caae5

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:32 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C821 18 KB
8 KB 142ms
141ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4237121729629342&correlator=569271700155391&eid=31064150%2C31065372&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpHEBPVpHEBEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.10%26hb_adid_oftmedia%3D230cde3e1511684%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.10%26hb_adid%3D230cde3e1511684%26hb_bidder%3Doftmedia&eri=1&cdm=trib.com&abxe=1&dt=1646922572863&lmt=1646922572&dlt=1646922570718&idt=812&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=g291yto0yx5t&adks=3436911532&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=327101017.1646922572&ga_sid=1646922573&ga_hid=1947673409&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cf918554d9e8390a78e5c33218dbd003ce86a6c94cce1d06b787294eae87cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8354
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608866
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C821 18 KB
8 KB 130ms
130ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4237121729629342&correlator=971708038177213&eid=31064150%2C31065372&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpHEBPVpHEBEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.01%26hb_adid_oftmedia%3D22588a420d99dd37%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D22588a420d99dd37%26hb_bidder%3Doftmedia&eri=1&cdm=trib.com&abxe=1&dt=1646922572870&lmt=1646922572&dlt=1646922570718&idt=812&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=b7ee03oejkll&adks=889030988&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=327101017.1646922572&ga_sid=1646922573&ga_hid=1947673409&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5158169fab6fc6ef599135e807312f66b79e6be936946617b9678b60ee666f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8372
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608329
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 23ms
23ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:32 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame C821 95 B
739 B 89ms
88ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 0df2455e875a8b4d4e1e882e6d71949aac3746b8ce498ab201bd17e3f8852cff

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 96 B
640 B 29ms
29ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22160749dcaca78bb4%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90h_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=3ff99a6e-28fa-45b7-8c50-af930b568ee8&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

d414d18b9c5135c56dc4240a0759a5d08ab615bb2a3dfae791b85bba8ca16978

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame C821 0
204 B 185ms
185ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 82
vary: origin, Accept-Encoding

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
153 B 50ms
49ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922572880&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame C821 0
164 B 43ms
40ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 18 KB
9 KB 322ms
322ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

89d6bb3a2a9c286c107286a1ffd4bbb90e0e5935887de2cc98b5324f1a8c4ac6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 10a5f76e-f002-44a9-af47-234beef78afa
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
36 B 22ms
22ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe409f539bf5-FRA
access-control-allow-headers: Content-Type, Origin

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame C821 87 B
128 B 113ms
113ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: e763eadfba82f01a9fc8dd876a9d41e353903abd2ca92f9ddbb24807ce85a00a

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 38 B
335 B 22ms
22ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221732ad9d8ff93cec%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22174a36ae8aad5a87%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 373f36b380eba4154e540b52cba0ee7ec78980a5d566b5f67b61cb25c93c3aea

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:32 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:32 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 50 B
892 B 19ms
18ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:32 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ffcddd75-53f4-4f1e-bf87-1746be7e28a7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C821 0
55 B 82ms
82ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame C046 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvJcixHYriqu-92YVgAVL58QgMZrr79gOq7yGjlm0Rk6Nh1SNfrVB3daffVjKSFzCiM1u8yjX-NYv8t0KUS0s9lb5vP57Xp54n9QAeGvuJ5ys8IxxrjCdXx7mBwQ04bG6ZNebcPPOInHG0l-3w4dFTf1mfV777bArNfEeb-8kA6qsnHP3utb32mVU9Wqx3gTQdWX4JQ31BQIEtTj5J_GkrBOQr_FlEExlgnWh0-n23wQRSz5n-FFyY73jOxyCCV2MANfpE07B-XENvOn3a5Fl_AOAkXrkZmBW5IRFu_70ZMbxKmpJkjYvbOS-GRdhg&sig=Cg0ArKJSzOYdl2pcW2mGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame C046 113 KB
39 KB 2315ms
2315ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

310e0b9decc0fb6200bf8b2e54d34ecaf7c6395987d39cffd513128e3c776017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39977
x-xss-protection: 0
server: cafe
etag: 6526672108447005184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C046 117 KB
36 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:32 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame DAD8 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsurGyyzFll33-0DEIixTsD4Rk1RW7b9lpVz65EW58YapOgrQRSgluR1FDg26qpxn5_DDatcz-pBI4lhymCJCkSsmX1YbtUExSLFLwZiL30U0Kunub8lRprcQK22NGZJ3mzkkJiaMUHXL9Bi9FSW9v7lrQwuMFvGx83n5JzkBQBuAelP8x5ImKt5Z1uHXdvx74abcvYA6jw54K2rHPkTSkXDd4pd5hfC5LarUyq6hsyTkRLeRdqBFpQept8f8rvb4JPTyv4unDm5SnBRNbg8W_YAJ6xg_vhXfiPZ26H450gwT8hPqUm65EAbiYMMeiY&sig=Cg0ArKJSzNNNHzXnwP7_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DAD8 113 KB
39 KB 2297ms
2296ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf0d139bcd327628d6a79ef2866cb4df0f2f8c4aa008e064f37b14e8d18b0d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40114
x-xss-protection: 0
server: cafe
etag: 1696005069278572668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAD8 117 KB
36 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:32 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0E3A 0
0 43ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstbp2uroHUeSGEKHg_2_IWI6WNz4D0zBQE4uj1pO3z52LftCP8m1VZQK6UAKZ2CZTXCNx9hE2xhjKmRG7PQs3Bf_aeg9OqG1HSyXu4aBHiIqUgkXvV5Vy-dC24KFG_HcAeiL9bKJWTl22oqmlf6ggzveE8u36ZQZBwuZeGgbr6CH199XbzPHsE1wsODiVYFflaKiZp0mCsSkEVnwXKIIhtiiN-X7U-xOq9R2h7SRgN2XyjC18S3Fj4uPTZ0TjA3wQeflwRHK2YT9wA-F8K_HlG_hkun1UjBr_XcNoBAih80sbHv-3x4kHWemFd9iQ&sig=Cg0ArKJSzIYlfY6GYSZvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0E3A 113 KB
39 KB 2254ms
2253ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

772786a55754981f248358a6cdbeebbbb21436a1896bd80436e8ae9a3b5d6773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40090
x-xss-protection: 0
server: cafe
etag: 17445234400644231290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E3A 117 KB
36 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:33 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2F46 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvWJY5nAPb1byXiy_gNuqQWZ_p41lqLeTDphO8NJv_PRNdNOxhmQs4ypm-RYydsDP84-XLaSzln2ghiUFgNHaiDZoHQrv59aDHIUmIz4clF4ROxd7gbja4-efrV01lX0GlY7lny9Bi6EStgHz_eOlGzsICmPAjFY6hMOJaqOKoFW2g-uBUBy_2qArW0Y8l_otnjegu79SZ6yKovx6itPmQno40llVyHgRu1zuV-j7j05kE63fSUeChJP76f4MNd_2KJCv4u_PV9fVDAdrPPvZ6MbyfWxPfmIrY9jaoAL3fPrEr9TBrcqNwT8xyuKKg&sig=Cg0ArKJSzLgt9qIyJjvrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 2F46 113 KB
39 KB 2251ms
2251ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4679d244c3706603d2bf352e0542e7ef4216c232c628840d8931a72cf9c501e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40106
x-xss-protection: 0
server: cafe
etag: 5518444473036539374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F46 117 KB
36 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:33 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 24ms
24ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:33 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 96 B
728 B 44ms
44ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2218011fc835415773%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90i_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=8515f402-8d03-444e-a2d8-44c7ca73840e&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

7c4f367da6116c4907a7f1694472a72a58d8318c9f94a4a935a67ddc775c633f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame C821 0
164 B 38ms
38ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:29:33 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame C821 95 B
741 B 101ms
101ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: db7fd29bcce75304cced26d637354dfbb877ccaf2d7826ea549cf52ae8b8c53f

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
59 B 25ms
25ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe4169649bf5-FRA
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 16 KB
8 KB 390ms
390ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

35205b80e72922780ad484814f9fa39437b92b87bd460da0dae0f81062a290af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6d739082-a06a-4308-9d3f-3d51b8351526
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame C821 0
230 B 423ms
423ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:33 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 319
vary: origin, Accept-Encoding

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame C821 87 B
128 B 110ms
109ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 2d4aef42dfaf0162e69ed566b0c970fd6c41ab229dc4f169cfdccc1ad170d55a

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
153 B 37ms
37ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922573022&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C821 0
55 B 111ms
110ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 38 B
335 B 24ms
24ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22197d1f73b1a84686%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221982de849c178995%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 641ffe2f1888cfbfa9eb7e4e5222265ea11589015e62e71fb1132fda6655f48f

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:33 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:33 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 50 B
892 B 25ms
25ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a7b47a7c-f062-4c17-be58-2d765a8e5f59
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C821 18 KB
8 KB 68ms
67ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4237121729629342&correlator=3620599471800719&eid=31064150%2C31065372&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpHECPVpHECEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90g_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.15%26hb_adid_oftmedia%3D2332fef1f3ef6fd%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.15%26hb_adid%3D2332fef1f3ef6fd%26hb_bidder%3Doftmedia&eri=1&cdm=trib.com&abxe=1&dt=1646922573034&lmt=1646922573&dlt=1646922570718&idt=812&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=jznhm9fr41jm&adks=2192087926&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H_exN2rHvLRXa0tJHQaSqNJgo7KGTOt1nzPvMNUreumsxEZ_SEGH_fyS365dDQTgCu_1gbGxhDrxA5GkIy_5AdkTGji%2CAGkb-H-wu5mgS9_I_rGsY1ZVvhnE2nF57exfCisJJoAbcp5RZ6ypiSrPkfN6U8HgDwJa3qJVFAFF1qOcJZHN6wRT7Qhh8L8B%2CAGkb-H-htEqeMLn4hFmzUOSOAwVICUwiz1dO7csB-py3nNiOdgqvFiNXBkmy4vMWJBqF7XnIP0q4pw5WiZgG6UCN3yXsK3Sc%2CAGkb-H8F4BoznVNrAyyVr0Y8TMHe0whDBliLGvOP2-CwOmWvFsnbK18_nT_g3C7ByYMdEsrllDHIOv8tzqp6XAlioA5TdX30&ga_vid=327101017.1646922572&ga_sid=1646922573&ga_hid=1947673409&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2772b5194cec87549292f0bc924090a1431343023875e8649815e5c3c211c99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8388
x-xss-protection: 0
google-lineitem-id: 5111852806
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138274588176
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 24ms
24ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:33 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 38 B
335 B 22ms
22ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222014c62075e96c0a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22202f6c1c83352d79%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: be345b640c910c8ed064024205fbe510bc120eb32827f4286b8d8d26d5a28498

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:33 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:33 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 140 B
983 B 27ms
27ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5363ffdb9f57cd1aba5668edb42f7034c3417647cdbf606ebe37fa0bc4dd6939

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 867e75b7-d697-4fd6-928b-644cd0679c68
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame C821 94 B
738 B 100ms
99ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 42a3402b3df5eee50286bfcdb8fb0d3d0b3301da68695e35f9cede5420262221

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
153 B 22ms
22ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922573056&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame C821 0
164 B 35ms
35ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:29:33 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C821 0
55 B 90ms
90ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 50 B
892 B 18ms
18ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0d2dd9da-cee9-454d-9382-7d69f8a56105
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
36 B 25ms
25ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe41a9fc9bf5-FRA
access-control-allow-headers: Content-Type, Origin

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame C821 87 B
128 B 124ms
124ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 26071431a1fcdeb2e61fe99ce7198849c11d21662436f0599e12307425895a1e

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 96 B
728 B 29ms
29ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222200cc70ea27f355%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90j_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=493deb4f-f5c1-4fd5-b00c-319160f49c51&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c3d2af661d10460c9a038db893b29ad45c6fdc2ef790c42c14abfe21137f1b41

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame C821 0
205 B 189ms
189ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 86
vary: origin, Accept-Encoding

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C821 18 KB
8 KB 68ms
67ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4237121729629342&correlator=1703691699823534&eid=31064150%2C31065372&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpHEDPVpHEDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.15%26hb_adid_oftmedia%3D2342bb391db74302%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.15%26hb_adid%3D2342bb391db74302%26hb_bidder%3Doftmedia&eri=1&cdm=trib.com&abxe=1&dt=1646922573062&lmt=1646922573&dlt=1646922570718&idt=812&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=hxjiziz9z8z1&adks=1326595308&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H_exN2rHvLRXa0tJHQaSqNJgo7KGTOt1nzPvMNUreumsxEZ_SEGH_fyS365dDQTgCu_1gbGxhDrxA5GkIy_5AdkTGji%2CAGkb-H-wu5mgS9_I_rGsY1ZVvhnE2nF57exfCisJJoAbcp5RZ6ypiSrPkfN6U8HgDwJa3qJVFAFF1qOcJZHN6wRT7Qhh8L8B%2CAGkb-H-htEqeMLn4hFmzUOSOAwVICUwiz1dO7csB-py3nNiOdgqvFiNXBkmy4vMWJBqF7XnIP0q4pw5WiZgG6UCN3yXsK3Sc%2CAGkb-H8F4BoznVNrAyyVr0Y8TMHe0whDBliLGvOP2-CwOmWvFsnbK18_nT_g3C7ByYMdEsrllDHIOv8tzqp6XAlioA5TdX30&ga_vid=327101017.1646922572&ga_sid=1646922573&ga_hid=1947673409&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6775e37720d8ae86cee50cbcad6747f91131716713f0ec4786bc18091b9b238f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8349
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608335
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C821 18 KB
8 KB 69ms
68ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4237121729629342&correlator=3107078179617122&eid=31064150%2C31065372&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpHEDPVpHEDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.33%26hb_adid_oftmedia%3D23667be7d7fac273%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.33%26hb_adid%3D23667be7d7fac273%26hb_bidder%3Doftmedia&eri=1&cdm=trib.com&abxe=1&dt=1646922573080&lmt=1646922573&dlt=1646922570718&idt=812&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=u5oj8rkfm7ye&adks=2920569117&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H_exN2rHvLRXa0tJHQaSqNJgo7KGTOt1nzPvMNUreumsxEZ_SEGH_fyS365dDQTgCu_1gbGxhDrxA5GkIy_5AdkTGji%2CAGkb-H-wu5mgS9_I_rGsY1ZVvhnE2nF57exfCisJJoAbcp5RZ6ypiSrPkfN6U8HgDwJa3qJVFAFF1qOcJZHN6wRT7Qhh8L8B%2CAGkb-H-htEqeMLn4hFmzUOSOAwVICUwiz1dO7csB-py3nNiOdgqvFiNXBkmy4vMWJBqF7XnIP0q4pw5WiZgG6UCN3yXsK3Sc%2CAGkb-H8F4BoznVNrAyyVr0Y8TMHe0whDBliLGvOP2-CwOmWvFsnbK18_nT_g3C7ByYMdEsrllDHIOv8tzqp6XAlioA5TdX30&ga_vid=327101017.1646922572&ga_sid=1646922573&ga_hid=1947673409&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29f432f9702480b5245133be879aa13e342fdfa09469d313eba4b8b06165d4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8386
x-xss-protection: 0
google-lineitem-id: 5111852818
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138274875292
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C821 42 B
64 B 38ms
38ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYKAZJsoYb2dE6P9XY81IDjZotXB3mx6MnBO8_8rlnqI4wifEeo8BzQoD7RSXpsZlCNSr6ypnvWnVBLPEjNm6UUJt8DFoY06m7WrPZ0ssPQVjN_BfA&sig=Cg0ArKJSzCquJ8cewkB4EAE&id=lidar2&mcvt=1001&p=1120,436,1210,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=934792290&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922570718&rpt=1358&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2B33 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvQimAOf2PsBwU6Rt7-qN6saVXyKoRahi4Xf6Nj3vlQeElQVd5-j8RE-aZVAhg4omBaJOatXHL5RiWeyS1f3cgV0VKDBts9DdppkmpxsCoutoWgOC34eZDb3BWxQgTUhUdWjynB-Xzc_PnSS-OeU1sP6FmK--WfPoxs912TNknmLONWX4iqbSPTXZx1d9bNmfmg-GTKcWxEOgVyULcBorBIgz_Sd5kp_uBomnZRUuvTDweTWnm_N3i8ecIEemLGZZAmZdSUCxXWhLceSK4jKBl2anN85pcUYLfshmbM2TD4e9jlXqu95QE85_75Z3ucXrc&sig=Cg0ArKJSzH3P3oGpPq5HEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 2B33 11 KB
5 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5008
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:23:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:47:42 GMT

GET
H2 200 durly.js Show response
c.evidon.com/ Frame 2B33 4 KB
2 KB 68ms
18ms Script
application/x-javascript 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=728;ad_h=90
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c7bf4752dbdffa34676c24001c158ccec95d09708252c7ea385f0aa00b263c33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 17:51:55 GMT
server: AkamaiNetStorage
etag: "f1438f07da47f1927ec8f4abb86d21b9:1642701115.070549"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1605

GET
H/1.1 200
OK tfav_adl_68.js Show response
j.adlooxtracking.com/ads/js/ Frame 2B33 64 KB
64 KB 102ms
46ms Script
application/javascript 5.135.142.37
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.135.142.37 , France, ASN16276 (OVH, FR),
Reverse DNS: js05.adlooxtracking.com
Software: nginx/1.15.8 /
Resource Hash: 2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Last-Modified: Tue, 14 Dec 2021 10:09:54 GMT
Server: nginx/1.15.8
ETag: "61b86d72-ffba"
Content-Type: application/javascript
Cache-Control: no-cache, max-age=60
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65466

GET
H/1.1

200
OK

px Show response
go.affec.tv/ Frame 2B33
Redirect Chain

https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=1875353459393999688&tag_id=19886642&creative_id=340524592&creative_size=728x90&reserve_price=0&price_paid=0.166856&bid_price=0.18541&ecp=1....
https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D622a0b4dbea1e3000177cca9%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
https://map.go.affec.tv/map/an/8385895617895266525?ch=622a0b4dbea1e3000177cca9&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
https://go.affec.tv/px

43 B
168 B

40ms
40ms

Script
image/gif

46.137.168.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/px
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: HTTP/1.1
Server: 46.137.168.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-168-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: //go.affec.tv/px
Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 71
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 2B33 85 KB
29 KB 91ms
28ms Script
application/x-javascript 184.30.24.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-185.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Fri, 10 Mar 2023 14:29:33 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 2B33 0
819 B 72ms
29ms Image
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftrib.com%252F&e=wqT_3QLnDPD9ZwYAAAMA1gAFAQjMlqiRBhDI5uq7kIGmgxoY3fGboaX0q7B0KjYJ5GAtF4dbxT8RdM_TqJ8hwD8ZAAAAgOtR_D8hnqGUHdbswT8pXfksz4O7xz8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCULD8r6IBWPyna2AAaNOLhQF4mtkFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NzEsIDE2NDY5MjI1NzIpO3VmKCdpJywgNTg3NDc0MSwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNTUxMDQ2NyxCOwAwcycsIDI2ODIzMTg0N0Y9ADByJywgMzQwNTI0NTkyNh8A8LaSApUFIU9vTU1tUWp1c2ZvWEVMRDhyNklCR0FBZ19LZHJNQUE0QUVBQVNORUhVTExrdlFsWUFHQ05CR2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCcGtsZzlIME13al9CQVN2MFdoaHd1OGNfeVFFQUFBQUFBQUR3UDlrQmc0Yi1DUzVXNkRfZ0FiWEk1Z0wxQVFBQUFELVlBZ0NnQWdHMUFnQUFBQUM5QWcBOdhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NElsYXpuR1JBTEdBSXRBATvwZUxvRENVWlNRVEU2TlRJNU9lQUQ1eTJBQkxQcjRRZUlCTGJyNFFlUUJBR1lCQUd5QkFvSW0tbTBEQkNGcTRzTnNnUUtDTHVCc2dNUWhhdUxEYm9FR2dqdENCRXpNek16TXpQalB4awFqCQFMQ0M3Z2JJRHVnUWFDSjRKRVpxWm0BAhBja19HUQkjAQEkSUp2cHRBekJCSg0gEGVrX3lRHSEYTmdFQVBFRQEsCQFYQ0lCYk1wa0FYeHZER1lCYWZKODMtcEIRMxRQQV9zUVUJKwEBCE1FRgEHAQEMNERfSgUoHEdCOUROSV8wLigABE5rFSjAOERfZ0JlMlFBZkFGdzlleUJfZ0ZvNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHQQFdOEFBQTRELW9CZ1N5QmlRSgEQDQEAUg0IAQEAWgEFDQEAaA0ISEFBQUM0QmdvLpoCmQEhRWhwbXA-mQIoUHluYXlBQUtBQXgBLwEBDDREODYy0QFAVURuTFVtRGh2NEpMbGJvUDE9NARGawEzCQEIR0dhJYkQWm5wUDIdGABIHTAMSGdBaS6tAvDQdy4u2ALnQ-ACw8tZ6gIRaHR0cHM6Ly90cmliLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOi_SPgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjExNC4yMTUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQNOTc3I0ZSQTE6NTI5OdoEAggB4AQB8ASw_K-iAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAJDrDYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYOMzE1MyNGUkExOjUzMDa4BgDBBgAFMyjwP9AG5QLaBhYKEAUQHQFYEAAYAOAGAfIGcgjxvDESbExSSXhHVXchddhEQUFrQ0JRRUluNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqYzlmUURVT2N0V0xvcGNRATsJARBlQUNCQVHieEFBQWlBRUFrQUVBbWdFQ0NBQS6ABwGIBwCgBwG6Bw8ByUwYACAAMAA4vgZAAMgHmtkF0gcNCRGrGBAAGADaBwYJJ0TgBwDqBwIIAPAHw5sBiggCEAA.&s=633571da0c21ecfc217bc28aedb32b432a6b53e4

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 932479b8-20fc-4a23-9fbf-a624d6cfd7bf
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B33 117 KB
36 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:33 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame AF95 0
0 43ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstSluwDtYiP8gvCJQgataA_IY0r77N9jNHwV-7XuilQqbIDv8AlILS3OxDfTX9XshbICogGhZdQdjzKIUIHfsYlnXIhmar6lmkynagYSDEN3FhQRam4XMoqQlMzh4dMt5KmRpSoUNWAutTuEY04VUL5h0MO30kW95f_zBWrKEmR1OYuMjkHlBzgkf_iAwlvHHAOHqKTNteHzoR8PZZnzuS0FXsbUJnhod-t-BjDNj4SE8sfzi1cQ4JurZin-ZS6aeaugCGS4dQDxZwd7XbrNT-HGgq8IjnWvAjXXOhclY-RPKVwBafy7hnYBhT9Ixs&sig=Cg0ArKJSzFuUNzq4r4SnEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame AF95 113 KB
39 KB 2119ms
2119ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec37472a7272005528083fc9f09fc3df446595edcbacbcaac2dcd0d2793e424c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39977
x-xss-protection: 0
server: cafe
etag: 13261752470082853691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF95 117 KB
36 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:33 GMT

GET
H3 200 impl_v85.js Show response
www.googletagservices.com/dcm/ Frame 2B33 42 KB
17 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v85.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 524511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17382
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:13:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F7A8 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssmAsKnSUcn5hJupchuLel4qrVFaYxmIvSRmEiMMgUk4JzY6oilvXUdh2oMF3kkIR02JEN_AjC3Z3_ceu_gdB9RRIMsKl5WhRgBz1xkCFxaDYhbbaB-wdRLB5WyLDPnCMg_9gKE49NfM7oFvO19iLgEjL-TzhN7-PO19RzU1K6BijTkwChB_sXViI71ruwE9e2jY7ipGRRxQ1sV0Dcmra_gPjFRoAhdcmZ5WqNK0XaqTV38S7tcGwmnuKMUIp2admEe3v355SFa9ojJrQP5A3uh8NFqKh4AcYlJkn_27Zjg-4STMPWTH9TMNyMp9vqHxF4&sig=Cg0ArKJSzL-PJRtR7PFTEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK bsredirect5.js Show response
rtbcdn.doubleverify.com/ Frame F7A8 1 KB
1 KB 129ms
27ms Script
application/javascript 2a02:26f0:12d:587::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_529501086078
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3e660aba94db0f369cacbf00e60fc57e08baf1fb5b3bc80b8f7a15c5d7011641

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:34:09 GMT
Server: Microsoft-IIS/10.0
ETag: "af57ae9dcd20d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 842

GET
H2 200 durly.js Show response
c.evidon.com/ Frame F7A8 4 KB
2 KB 20ms
19ms Script
application/x-javascript 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=728;ad_h=90
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c7bf4752dbdffa34676c24001c158ccec95d09708252c7ea385f0aa00b263c33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 17:51:55 GMT
server: AkamaiNetStorage
etag: "f1438f07da47f1927ec8f4abb86d21b9:1642701115.070549"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1605

GET
H/1.1 200
OK tfav_adl_68.js Show response
j.adlooxtracking.com/ads/js/ Frame F7A8 64 KB
64 KB 97ms
46ms Script
application/javascript 5.135.142.37
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.135.142.37 , France, ASN16276 (OVH, FR),
Reverse DNS: js05.adlooxtracking.com
Software: nginx/1.15.8 /
Resource Hash: 2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Last-Modified: Tue, 14 Dec 2021 10:09:54 GMT
Server: nginx/1.15.8
ETag: "61b86d72-ffba"
Content-Type: application/javascript
Cache-Control: no-cache, max-age=60
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65466

GET
H/1.1

200
OK

px Show response
go.affec.tv/ Frame F7A8
Redirect Chain

https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=7251802305044805210&tag_id=19886642&creative_id=339059941&creative_size=728x90&reserve_price=0&price_paid=0.366393&bid_price=0.46035&ecp=1....
https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D622a0b4dd69a6f0001bde028%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
https://map.go.affec.tv/map/an/8385895617895266525?ch=622a0b4dd69a6f0001bde028&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
https://go.affec.tv/px

43 B
168 B

38ms
38ms

Script
image/gif

46.137.168.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/px
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: HTTP/1.1
Server: 46.137.168.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-168-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: //go.affec.tv/px
Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 71
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame F7A8 85 KB
29 KB 82ms
31ms Script
application/x-javascript 184.30.24.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-185.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Fri, 10 Mar 2023 14:29:33 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame F7A8 0
819 B 60ms
37ms Image
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftrib.com%252F&e=wqT_3QLnDPD9ZwYAAAMA1gAFAQjMlqiRBhDa7Les5fjk0WQY1sHQurHe-M4ZKjYJIOX4wPly1z8REqUTJwy20T8ZAAAAgOtR_D8hT-bdYMFA1j8pn6ut2F923T8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCUOXJ1qEBWPyna2AAaNOLhQF44dUFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NjMsIDE2NDY5MjI1NzIpO3VmKCdpJywgMzA5OTM1NCwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNTUxMDQ2NSxCOwAwcycsIDI2ODIzMTc4NEY9ADByJywgMzM5MDU5OTQxNh8A9F4BkgKVBSFDSVl3a2dqc3Nmb1hFT1hKMXFFQkdBQWdfS2RyTUFBNEFFQUFTTkVIVUxMa3ZRbFlBR0JlYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFFVUlZdGVMV2pXUDhFQkRnSG81SEIyM1RfSkFRQUFBQUFBQVBBXzJRR0RodjRKTGxib1AtQUIycFc5QWZVQlpVR3pQcGdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdpSXJPY1pFQXNZQWkwQUFBQUF1Z01KUmxKQk1UbzBORE15NEFQbkxZQUVxWkRhQjRnRXdvM29CNUFFQVpnRUFiSUVDZ2liNmJRTUVJV3JpdzJ5QkFvSXU0R3lBeENGcTRzTnVnUWFDTzBJRVRNek16TXpNLU1fR1FBQUFBAeFUQUFJTHVCc2dPNkJCb0luZ2tSbXBtWgECDHlUOFoJIgUBIGdtLW0wRE1FRREgEDZUX0pCBRsJARQyQVFBOFExOQFZVGdGMENLUUJmRzhNWmdGNk1qemY2a0YBGwEBEDhELXhCHS80d1FVYmNaMDFzeTcxUDgJKBw0TWZzMERfUi4oAAgyUVUBP9BBQUFEd1AtQUYwLWNDOEFYQjE3SUgtQVdiai1BQmdnWURSMEpRaUFZT2tBWUJtQVlBb1FZQQE2BQEkS2dHQkxJR0pBawUPBQEEQkUFBwUBBEJrBQcFAQBDHRhETGdHQ2cuLpoCmQEhRFJsc1ZROpkCKFB5bmF5QUFLQUF4BT0JAVw2Q1VaU1FURTZORFF6TWtEbkxVbURodjRJVQAxHWEARh15CEdHYSGJFG1abnBQMh0YAEgdMBBIZ0FpUREQ9BcBRHdQdy4u2ALnQ-ACw8tZ6gIRaHR0cHM6Ly90cmliLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOi_SPgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjExNC4yMTUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQNOTc3I0ZSQTE6NDQzMtoEAggB4AQB8ATlydahAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYOMzE1MyNGUkExOjQ2NTS4BgDBBgAAAAAAAPA_0AblAtoGFgoQAAkSFQFYEAAYAOAGAfIGcgjxvDESbEhCTDBGa3chq9hEQUFrQ0JRRUluNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqYzlmUURVT2N0V0s0a2NRATsJARBlQUNCQV3WBGlBhX5QQW1nRUNDQUEugAcBiAcAoAcBugcPAclIGAAgADAAOL4GQADIB-HVBdIHDRX1GBAAGADaBwYJJ0TgBwDqBwIIAPAHw5sBiggCEAA.&s=95bb09c26845b61d1021e9c483489fd4359d65c3

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b3a7f258-ea2a-4aee-8f8c-dddff61f4286
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7A8 117 KB
36 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:33 GMT

GET
H2 200 B27173762.327183629;dc_ver=85.248;sz=728x90;u_sd=1;gdpr=0;nel=1;dc_adk=533717427;ord=5ci2ke;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F5GAtF4dbxT90z9OonyHAPwAAAIDrUfw_nqGUHdbswT9d-SzPg7vHP0ize... Show response
ad.doubleclick.net/ddm/adi/N1153793.3855423HYBRIDTHEORY/ Frame 4E48 49 KB
25 KB 137ms
64ms Document
text/html 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1153793.3855423HYBRIDTHEORY/B27173762.327183629;dc_ver=85.248;sz=728x90;u_sd=1;gdpr=0;nel=1;dc_adk=533717427;ord=5ci2ke;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F5GAtF4dbxT90z9OonyHAPwAAAIDrUfw_nqGUHdbswT9d-SzPg7vHP0izegcJmAYa3fgmVKKvYHRMCypiAAAAADJyLwFRDAAA0QMAAAIAAAAw_ksU_NMaAAAAAABVU0QAVVNEANgCWgDTRQAAAAABAQUCAAAAAMIAKiYoYAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521EhpmpQjusfoXELD8r6IBGPynayAAKAAxAAAAAAAA4D86CUZSQTE6NTI5OUDnLUmDhv4JLlboP1EAAAAAAAAAAFkAAAAAAAAAAGGamZmZmZnpP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DOTc3I0ZSQTE6NTI5OQ%3D%3D%2Fbn%3D93338%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Ftrib.com%2F$0;xdt=0;crlt=QaxI6iB8Bj;cmpl=8;gcsr=m;sttr=27;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

2b3cbcbc0595cb42d855176c88195fa0c3487b177c5d6cf8702206ced47a165a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Mar 2022 14:29:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 24745
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ba.js Show response
c.evidon.com/geo/ Frame 2B33 41 KB
12 KB 24ms
23ms Script
application/x-javascript 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/ba.js?r220120
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=728;ad_h=90
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a28b9871dc80175bbb6cbaadf100abc925d5e106f0254c8f8a13d34141d90bfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 17:51:35 GMT
server: AkamaiNetStorage
etag: "1e1cf06df2b98e267c5e511e819fb810:1642701095.049463"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12426

GET
H2 200 4.gif
c.evidon.com/a/ Frame 2B33 43 B
335 B 25ms
25ms Image
image/gif 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/a/4.gif
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2010 17:07:29 GMT
server: AkamaiNetStorage
etag: "65786c291a4603aa5150a1884452838d:1271351254"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/gif
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C821 18 KB
8 KB 153ms
153ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4237121729629342&correlator=696331327246075&eid=31064150%2C31065372&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpHEEPVpHEEEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.21%26hb_adid_oftmedia%3D237ee956738196ae%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.21%26hb_adid%3D237ee956738196ae%26hb_bidder%3Doftmedia&eri=1&cdm=trib.com&abxe=1&dt=1646922573219&lmt=1646922573&dlt=1646922570718&idt=812&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=mealric02eva&adks=719928629&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H_exN2rHvLRXa0tJHQaSqNJgo7KGTOt1nzPvMNUreumsxEZ_SEGH_fyS365dDQTgCu_1gbGxhDrxA5GkIy_5AdkTGji%2CAGkb-H-wu5mgS9_I_rGsY1ZVvhnE2nF57exfCisJJoAbcp5RZ6ypiSrPkfN6U8HgDwJa3qJVFAFF1qOcJZHN6wRT7Qhh8L8B%2CAGkb-H-htEqeMLn4hFmzUOSOAwVICUwiz1dO7csB-py3nNiOdgqvFiNXBkmy4vMWJBqF7XnIP0q4pw5WiZgG6UCN3yXsK3Sc%2CAGkb-H8F4BoznVNrAyyVr0Y8TMHe0whDBliLGvOP2-CwOmWvFsnbK18_nT_g3C7ByYMdEsrllDHIOv8tzqp6XAlioA5TdX30%2CAGkb-H-b5mEaDTMjsOhc1NAEEcshkfuSNNM4zyWRtr-hIPL3285QmHLsbdCVx1EuLIevlSwqCHnTP8iUK9qBpl2ABle3Zv3B_jOJnUE%2CAGkb-H_OVKFMsqJ3p8DJFLZU6j7DDswV-ARopN4BFawR0pfS3xdMQq4giX8u42946imdn-mNab-qS5JFah20dDNWCLB3CsIB%2CAGkb-H_XOImelbLCQ2OIgbvooggplPJXkIRR09dAkQXhxFWMd8xQSIldHbVgnq_8f44Jt6AjnYXpSuOBSIOssrVYXV2HHUlnqbKvGB4&ga_vid=327101017.1646922572&ga_sid=1646922573&ga_hid=1947673409&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c19e891d936712931d58d11252cd20b1e3edb9666fe5ecd0948a60f4d3c331c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8386
x-xss-protection: 0
google-lineitem-id: 5112246914
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138274875292
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 153615.js Show response
c.evidon.com/a/n/1267/ Frame 2B33 3 KB
1 KB 19ms
18ms Script
application/x-javascript 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/n/1267/153615.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 14:46:33 GMT
server: AkamaiNetStorage
etag: "6824cb2ff4568d14eda7aff13744195c:1602168393.36391"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=600
accept-ranges: bytes
access-control-allow-headers: *
content-length: 867

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C821 18 KB
8 KB 116ms
116ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4237121729629342&correlator=1424880113444461&eid=31064150%2C31065372&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpHEFPVpHEFEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&eri=1&cdm=trib.com&abxe=1&dt=1646922573259&lmt=1646922573&dlt=1646922570718&idt=812&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=h0j7yucy8ikk&adks=3366251554&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H_exN2rHvLRXa0tJHQaSqNJgo7KGTOt1nzPvMNUreumsxEZ_SEGH_fyS365dDQTgCu_1gbGxhDrxA5GkIy_5AdkTGji%2CAGkb-H-wu5mgS9_I_rGsY1ZVvhnE2nF57exfCisJJoAbcp5RZ6ypiSrPkfN6U8HgDwJa3qJVFAFF1qOcJZHN6wRT7Qhh8L8B%2CAGkb-H-htEqeMLn4hFmzUOSOAwVICUwiz1dO7csB-py3nNiOdgqvFiNXBkmy4vMWJBqF7XnIP0q4pw5WiZgG6UCN3yXsK3Sc%2CAGkb-H8F4BoznVNrAyyVr0Y8TMHe0whDBliLGvOP2-CwOmWvFsnbK18_nT_g3C7ByYMdEsrllDHIOv8tzqp6XAlioA5TdX30%2CAGkb-H-b5mEaDTMjsOhc1NAEEcshkfuSNNM4zyWRtr-hIPL3285QmHLsbdCVx1EuLIevlSwqCHnTP8iUK9qBpl2ABle3Zv3B_jOJnUE%2CAGkb-H_OVKFMsqJ3p8DJFLZU6j7DDswV-ARopN4BFawR0pfS3xdMQq4giX8u42946imdn-mNab-qS5JFah20dDNWCLB3CsIB%2CAGkb-H_XOImelbLCQ2OIgbvooggplPJXkIRR09dAkQXhxFWMd8xQSIldHbVgnq_8f44Jt6AjnYXpSuOBSIOssrVYXV2HHUlnqbKvGB4&ga_vid=327101017.1646922572&ga_sid=1646922573&ga_hid=1947673409&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

148474393c2445ade47d348e23b9e51d1f6cf1e976d4635fc7cdf779b174a490

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8353
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608344
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bsredirect5_internal75.js Show response
rtbcdn.doubleverify.com/ Frame F7A8 42 KB
13 KB 31ms
30ms Script
application/javascript 2a02:26f0:12d:587::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.doubleverify.com/bsredirect5_internal75.js
Requested by: Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_529501086078
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 26ab9a29da8cc677c6f6015748470d12094f179666206637e5655da898243e81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:34:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0333ca5cd20d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13159

GET
H2 200 10790119485912472306
s0.2mdn.net/simgad/ Frame 4E48 56 KB
56 KB 69ms
19ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10790119485912472306

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3855423HYBRIDTHEORY/B27173762.327183629;dc_ver=85.248;sz=728x90;u_sd=1;gdpr=0;nel=1;dc_adk=533717427;ord=5ci2ke;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F5GAtF4dbxT90z9OonyHAPwAAAIDrUfw_nqGUHdbswT9d-SzPg7vHP0izegcJmAYa3fgmVKKvYHRMCypiAAAAADJyLwFRDAAA0QMAAAIAAAAw_ksU_NMaAAAAAABVU0QAVVNEANgCWgDTRQAAAAABAQUCAAAAAMIAKiYoYAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521EhpmpQjusfoXELD8r6IBGPynayAAKAAxAAAAAAAA4D86CUZSQTE6NTI5OUDnLUmDhv4JLlboP1EAAAAAAAAAAFkAAAAAAAAAAGGamZmZmZnpP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DOTc3I0ZSQTE6NTI5OQ%3D%3D%2Fbn%3D93338%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Ftrib.com%2F$0;xdt=0;crlt=QaxI6iB8Bj;cmpl=8;gcsr=m;sttr=27;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65551439ed53aa6f08104ee74e6a549d67fe626df2badd6970263cd5451482fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 04:27:52 GMT
x-content-type-options: nosniff
age: 468101
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57148
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 14:00:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Mar 2023 04:27:52 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/xfa/ Frame 4E48 10 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

becfe54a92dcdab6b0dfb3b7db070d3f10e66732ed62a5ec2840ae3edd8c4b38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 23:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4034
x-xss-protection: 0
server: cafe
etag: 4087262437388033801
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 23:28:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/ Frame 4E48 8 KB
3 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Mar 2022 14:28:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E48 117 KB
36 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:33 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4E48 0
524 B 99ms
48ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstVj0xeWvD4fbbDVQuekvfrWXQ_PnxT05ynWI8L7WcnJwywYnFndqYM_cJFRaR1AvIcMSVbo0ziNKZu1EHKES73-BicZbyzSvKxIVIrzzZN_jyglvETsYsWQ&sig=Cg0ArKJSzNob0NiR0dvwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220308.97784&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 4E48 8 KB
4 KB 82ms
27ms Script
application/javascript 2a02:26f0:12d:587::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3758893&cmp=27173762&sid=6603073&plc=327183629&num=&adid=&advid=10142764&adsrv=1&btreg=519525076&btadsrv=doubleclick&crt=165513127&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3855423HYBRIDTHEORY/B27173762.327183629;dc_ver=85.248;sz=728x90;u_sd=1;gdpr=0;nel=1;dc_adk=533717427;ord=5ci2ke;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F5GAtF4dbxT90z9OonyHAPwAAAIDrUfw_nqGUHdbswT9d-SzPg7vHP0izegcJmAYa3fgmVKKvYHRMCypiAAAAADJyLwFRDAAA0QMAAAIAAAAw_ksU_NMaAAAAAABVU0QAVVNEANgCWgDTRQAAAAABAQUCAAAAAMIAKiYoYAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521EhpmpQjusfoXELD8r6IBGPynayAAKAAxAAAAAAAA4D86CUZSQTE6NTI5OUDnLUmDhv4JLlboP1EAAAAAAAAAAFkAAAAAAAAAAGGamZmZmZnpP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DOTc3I0ZSQTE6NTI5OQ%3D%3D%2Fbn%3D93338%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Ftrib.com%2F$0;xdt=0;crlt=QaxI6iB8Bj;cmpl=8;gcsr=m;sttr=27;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a86eea3bd77a07092b4af88e3dd54272f8118190aaba5fef3bd04dd8a5490ae4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 11:57:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80f6c1bde332d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3291

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 4E48 0
339 B 123ms
40ms Image
text/plain 52.48.40.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=27173762&advertiserid=10142764&placementid=327183629&adid=519525076&creativeid=165513127&siteid=6603073
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3855423HYBRIDTHEORY/B27173762.327183629;dc_ver=85.248;sz=728x90;u_sd=1;gdpr=0;nel=1;dc_adk=533717427;ord=5ci2ke;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F5GAtF4dbxT90z9OonyHAPwAAAIDrUfw_nqGUHdbswT9d-SzPg7vHP0izegcJmAYa3fgmVKKvYHRMCypiAAAAADJyLwFRDAAA0QMAAAIAAAAw_ksU_NMaAAAAAABVU0QAVVNEANgCWgDTRQAAAAABAQUCAAAAAMIAKiYoYAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521EhpmpQjusfoXELD8r6IBGPynayAAKAAxAAAAAAAA4D86CUZSQTE6NTI5OUDnLUmDhv4JLlboP1EAAAAAAAAAAFkAAAAAAAAAAGGamZmZmZnpP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DOTc3I0ZSQTE6NTI5OQ%3D%3D%2Fbn%3D93338%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Ftrib.com%2F$0;xdt=0;crlt=QaxI6iB8Bj;cmpl=8;gcsr=m;sttr=27;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.40.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-40-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1646922573
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

impression_pixel
t.myvisualiq.net/ul_cb/ Frame 4E48
Redirect Chain

https://t.myvisualiq.net/impression_pixel?r=115454796&et=i&ago=212&ao=993&aca=27173762&si=6603073&ci=165513127&pi=327183629&ad=519525076&advt=10142764&chnl=-7&vndr=115&sz=9675&u=&viq_did=&pt=i
https://t.myvisualiq.net/ul_cb/impression_pixel?r=115454796&et=i&ago=212&ao=993&aca=27173762&si=6603073&ci=165513127&pi=327183629&ad=519525076&advt=10142764&chnl=-7&vndr=115&sz=9675&u=&viq_did=&pt=i

43 B
573 B

18ms
18ms

Image
image/gif

35.156.68.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/ul_cb/impression_pixel?r=115454796&et=i&ago=212&ao=993&aca=27173762&si=6603073&ci=165513127&pi=327183629&ad=519525076&advt=10142764&chnl=-7&vndr=115&sz=9675&u=&viq_did=&pt=i
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3855423HYBRIDTHEORY/B27173762.327183629;dc_ver=85.248;sz=728x90;u_sd=1;gdpr=0;nel=1;dc_adk=533717427;ord=5ci2ke;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F5GAtF4dbxT90z9OonyHAPwAAAIDrUfw_nqGUHdbswT9d-SzPg7vHP0izegcJmAYa3fgmVKKvYHRMCypiAAAAADJyLwFRDAAA0QMAAAIAAAAw_ksU_NMaAAAAAABVU0QAVVNEANgCWgDTRQAAAAABAQUCAAAAAMIAKiYoYAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521EhpmpQjusfoXELD8r6IBGPynayAAKAAxAAAAAAAA4D86CUZSQTE6NTI5OUDnLUmDhv4JLlboP1EAAAAAAAAAAFkAAAAAAAAAAGGamZmZmZnpP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DOTc3I0ZSQTE6NTI5OQ%3D%3D%2Fbn%3D93338%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Ftrib.com%2F$0;xdt=0;crlt=QaxI6iB8Bj;cmpl=8;gcsr=m;sttr=27;prcl=s
Protocol: HTTP/1.1
Server: 35.156.68.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-68-250.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 10 Mar 2022 14:29:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://t.myvisualiq.net/ul_cb/impression_pixel?r=115454796&et=i&ago=212&ao=993&aca=27173762&si=6603073&ci=165513127&pi=327183629&ad=519525076&advt=10142764&chnl=-7&vndr=115&sz=9675&u=&viq_did=&pt=i
Date: Thu, 10 Mar 2022 14:29:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E48 41 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 16:08:04 GMT

GET
H/1.1 200
OK verifyc.js Show response
rtb0.doubleverify.com/ Frame F7A8 1 KB
907 B 122ms
24ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=27167255&plc=327173780&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_529501086078&jsTagObjCallback=__tagObject_callback_529501086078&ssl=1&refD=2&htmlmsging=1&guid=1646922573336582&brid=null&brver=&bridua=3&m1=13&fcifrms=9&brh=2&fwc=0&fcl=114&flt=0&fec=1957&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEADTbpTauTauEC%3A3%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauEC%3A3%5D4%40%3ETar9EEADTbpTauTauEC%3A3%5D4%40%3ETar9EEADTbpTauTauEC%3A3%5D4%40%3E&ver=103&dvp_exetime=4.00
Requested by: Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal75.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 35540116548dd90ecb99a75c347866353b47255065de606952690391ce631d4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 03/09/2022 14:29:33

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4E48 7 KB
5 KB 31ms
31ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beb8b93aacf734da3e6bb73de2db0b63381b793a011414ee40ac278c9113b2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5477
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9706 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 16:08:05 GMT
expires: Tue, 07 Mar 2023 16:08:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 253288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 75DF 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsudmyfsJ-gN5uS7lBkTFKuVtpD5ClQE19mM6uYfGSLWFOiuXG_f_rCMJFFL_b0qg6P0aifQ4Cc3hCV_VtVqPhy698__moeY0RqOWjLd4sq8MugOTje1ogpBnJhYtFMFOJk6VqEqdAzmbF-Q5T9XnVlc0bqXTC0YlvFI9eY86lkvzj_uFC7TQdKixcPUfmQsvGLRSH4gYegRoO5jsKsTHN-l1FK2ru1iRsShOtI0qahOTtF-nYGDleaIxLTQoL89m7Axj_5Ml-zycHjdqlainQfnf357F3A1IYkW1zTLGLnLsEzuVtmBl890tph-vHVpD6s&sig=Cg0ArKJSzL2PKgO4MuVaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK bsredirect5.js Show response
rtbcdn.doubleverify.com/ Frame 75DF 1 KB
1 KB 34ms
33ms Script
application/javascript 2a02:26f0:12d:587::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_754196133944
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3e660aba94db0f369cacbf00e60fc57e08baf1fb5b3bc80b8f7a15c5d7011641

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:34:09 GMT
Server: Microsoft-IIS/10.0
ETag: "af57ae9dcd20d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 842

GET
H2 200 durly.js Show response
c.evidon.com/ Frame 75DF 4 KB
2 KB 18ms
18ms Script
application/x-javascript 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=728;ad_h=90
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c7bf4752dbdffa34676c24001c158ccec95d09708252c7ea385f0aa00b263c33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 17:51:55 GMT
server: AkamaiNetStorage
etag: "f1438f07da47f1927ec8f4abb86d21b9:1642701115.070549"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1605

GET
H/1.1 200
OK tfav_adl_68.js Show response
j.adlooxtracking.com/ads/js/ Frame 75DF 64 KB
64 KB 26ms
25ms Script
application/javascript 5.135.142.37
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.135.142.37 , France, ASN16276 (OVH, FR),
Reverse DNS: js05.adlooxtracking.com
Software: nginx/1.15.8 /
Resource Hash: 2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Last-Modified: Tue, 14 Dec 2021 10:09:54 GMT
Server: nginx/1.15.8
ETag: "61b86d72-ffba"
Content-Type: application/javascript
Cache-Control: no-cache, max-age=60
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65466

GET
H/1.1

200
OK

px Show response
go.affec.tv/ Frame 75DF
Redirect Chain

https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=9095629165348729285&tag_id=19886642&creative_id=343683026&creative_size=728x90&reserve_price=0&price_paid=0.233689&bid_price=0.28823&ecp=1....
https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D622a0b4dbea1e3000177ccb1%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
https://map.go.affec.tv/map/an/8385895617895266525?ch=622a0b4dbea1e3000177ccb1&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
https://go.affec.tv/px

43 B
168 B

55ms
39ms

Script
image/gif

46.137.168.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/px
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: HTTP/1.1
Server: 46.137.168.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-168-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: //go.affec.tv/px
Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 71
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 75DF 85 KB
29 KB 31ms
30ms Script
application/x-javascript 184.30.24.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-185.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Fri, 10 Mar 2023 14:29:33 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 75DF 0
819 B 58ms
58ms Image
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftrib.com%252F&e=wqT_3QLTFvD9UwsAAAMA1gAFAQjMlqiRBhDF46yKkNGKnX4Y3fGboaX0q7B0KjYJhfTS7YLpzT8RNqKE6LeXxj8ZAAAAgOtR_D8hBVy49Zjdyz8pGHjuPVxy0j8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCUNLf8KMBWPyna2AAaNOLhQF4v9YFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NzEsIDE2NDY5MjI1NzIpO3VmKCdpJywgNjIyNDEwMCwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNzE4NDYwNyxCOwAwcycsIDI3MTQ3OTQzN0Y9ADByJywgMzQzNjgzMDI2Nh8A8LaSAoEPIWE1M1BOZ2l0X09jWUVOTGY4S01CR0FBZ19LZHJNQUE0QUVBQVNORUhVTExrdlFsWUFHQ05CR2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCQ1lNZnI5Y096RF9CQWNMMXhyNVNjdElfeVFFQUFBQUFBQUR3UDlrQmc0Yi1DUzVXNkRfZ0FlVHgtd0wxQWJaMllENllBZ0NnQWdHMUFnQUFBQUM5QWcBOdhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NElwcG5DSHhBTEdBSXRBATvYTG9EQ1VaU1FURTZOVEU1TWVBRDV5MkFCTDJRMmdlSUJMN0M3d2VRQkFHWUJBR3FCTlVIQ1BfXxUCCHdFURUMFF9fX0FSagEHDQEMOEJJUA0LAQEId0VvAQcRAQhBVEQRCxRfX184Qk8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EAB0c2dRS0NKdnB0QXdRaGF1TERib0VHZ2llQ1JHYW1aAQIQbkpQeGuhegkBJENDYjZiUU13UVMZIAg4a0UJHQEBGERZQkFEeEIBCw0BXGlBWEhLSkFGOGJ3eG1BV041Ym1CQWFrRg0fGEE4RC14QlERDjxBQXdRV0YyV0NvMGVINlA4CSgcSUNxendEX1IuKAAIMlFVDTXARHdQLUFGbC1FQjhBWGY3cGdJLUFXamotQUJnZ1lEUjBKUWlBWU9rQVlCbUFZQW9RWQ04LEFBQUtnR0JMSUdKQR3kAEIdzwRCawEmCQEAQx0YRExnR0NnLi6aApkBIUNSbWhXdzqFByhQeW5heUFBS0FBeAk-BQEANjK9BkBVRG5MVW1EaHY0SkxsYm9QMR1hAEYdeQBHPY0AMh0YAEgdMAxIZ0FpLpkH8NB3Li7YAudD4ALDy1nqAhFodHRwczovL3RyaWIuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA6L9I-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTE0LjIxNS4xMzGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA05NzcjRlJBMTo1MTkx2gQCCAHgBAHwBNLf8KMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAkOsNgFAeAFAfAFJ_oFBAgAEACQBgCYBgCiBg4zMTUzI0ZSQTE6NTMwMbgGAMEGAAUzKPA_0AblAtoGFgoQBRAdAVgQABgA4AYB8gZyCPG8MRJsS0JLSEdFdyGq2ERBQWtDQlFFSW41alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pjOWZRRFVPY3RXTFVwY1EBOwkBEGVBQ0JBXdZsaUFFQWtBRUFtZ0VDQ0FBLoAHAYgHAKAHAboHDwHJTBgAIAAwADi-BkAAyAe_1gXSBw0JEasBqAjaBwYJJ0TgBwDqBwIIAPAHw5sBiggCEAA.&s=70f6b655c3a737144e0582ca0af8a0d18a142aa6

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0af786b2-e05f-424f-a4ac-00524f43f255
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75DF 117 KB
36 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:33 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 76C9 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstMbrDCD_XVkQOGmH25USBW_4r46H7Vnfolpl29No_Fz9FlKFiJqWfzAFG-kkEHtEkSk0tDUZm7ULlTzFQI1k_nok0D8ViODJddx9djjg1k5hcRNQta69YZB2U_mJnXf0obHyZFaR-Xzb53DJu3Wly8-2c5_vX8s_tEF6VPD1g2gOHxv5bnOquKm8ETyt2Sv4E5nSKFA6NflkrsMgsbg8saGfIs_EgH9U4xjuxZmmE2lmMPDvwOlO4T3b2VgNzqltuwzr3lrFfAPf-SmKJRYB-A9zGNeP2WMpwj8Zrddz4-tI8XmA37_EF4lQi9fBc&sig=Cg0ArKJSzERHzmbTzqdKEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 76C9 113 KB
39 KB 1860ms
1859ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e41a2f56fe577293a8828e34523bfc3d20de91e4eacc0de3a3917e9ab6fb477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40124
x-xss-protection: 0
server: cafe
etag: 109229518865688655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76C9 117 KB
36 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:33 GMT

GET
H/1.1 200
OK dv-measurements2375.js Show response
cdn.doubleverify.com/ Frame BF66 511 KB
95 KB 31ms
30ms Script
application/javascript 2a02:26f0:12d:587::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2375.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ddf16c461e55282bdeb11c642d461bd1e5f2e23730769c98d20cd69847792182

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 10:08:51 GMT
Server: Microsoft-IIS/10.0
ETag: "80fb6b82d432d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96638

GET
H3 200 cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9706 35 KB
13 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 12:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13775
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Mar 2023 12:54:50 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4E48 0
23 B 73ms
46ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK bsredirect5_internal75.js Show response
rtbcdn.doubleverify.com/ Frame 75DF 42 KB
13 KB 32ms
31ms Script
application/javascript 2a02:26f0:12d:587::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.doubleverify.com/bsredirect5_internal75.js
Requested by: Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_754196133944
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 26ab9a29da8cc677c6f6015748470d12094f179666206637e5655da898243e81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:34:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0333ca5cd20d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13159

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C821 18 KB
8 KB 121ms
121ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4237121729629342&correlator=941097306093540&eid=31064150%2C31065372&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpHEHPVpHEHEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90i_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.05%26hb_adid_oftmedia%3D2388180bec162b99%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.05%26hb_adid%3D2388180bec162b99%26hb_bidder%3Doftmedia&eri=1&cdm=trib.com&abxe=1&dt=1646922573472&lmt=1646922573&dlt=1646922570718&idt=812&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=e7m3sticccwy&adks=4028002665&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H_exN2rHvLRXa0tJHQaSqNJgo7KGTOt1nzPvMNUreumsxEZ_SEGH_fyS365dDQTgCu_1gbGxhDrxA5GkIy_5AdkTGji%2CAGkb-H-wu5mgS9_I_rGsY1ZVvhnE2nF57exfCisJJoAbcp5RZ6ypiSrPkfN6U8HgDwJa3qJVFAFF1qOcJZHN6wRT7Qhh8L8B%2CAGkb-H-htEqeMLn4hFmzUOSOAwVICUwiz1dO7csB-py3nNiOdgqvFiNXBkmy4vMWJBqF7XnIP0q4pw5WiZgG6UCN3yXsK3Sc%2CAGkb-H8F4BoznVNrAyyVr0Y8TMHe0whDBliLGvOP2-CwOmWvFsnbK18_nT_g3C7ByYMdEsrllDHIOv8tzqp6XAlioA5TdX30%2CAGkb-H-b5mEaDTMjsOhc1NAEEcshkfuSNNM4zyWRtr-hIPL3285QmHLsbdCVx1EuLIevlSwqCHnTP8iUK9qBpl2ABle3Zv3B_jOJnUE%2CAGkb-H_OVKFMsqJ3p8DJFLZU6j7DDswV-ARopN4BFawR0pfS3xdMQq4giX8u42946imdn-mNab-qS5JFah20dDNWCLB3CsIB%2CAGkb-H_XOImelbLCQ2OIgbvooggplPJXkIRR09dAkQXhxFWMd8xQSIldHbVgnq_8f44Jt6AjnYXpSuOBSIOssrVYXV2HHUlnqbKvGB4%2CAGkb-H-pOjS80ycRgZL2-rxLB3Sugpanw3xkaL-DIqswO_J8_yMSqe2-PSLWrxM8P-k2MNoEtq1lw1viKBy3W6aUhT1ABdl2YlXygkk%2CAGkb-H8aTlgzBW-XoGPMuzyNpqmg98YlJ2aGX1C9xcTeorOZA5UFTUbXIzx_pdFru-0jrsT39-hQ7mCYLKpqFM74_-_t_XxU&ga_vid=327101017.1646922572&ga_sid=1646922573&ga_hid=1947673409&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72029f52ae3aed01efd0fe788ccabe47629726a0b2d849fabbe03c844662ccb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8382
x-xss-protection: 0
google-lineitem-id: 5111852800
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138274588173
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame F7A8 0
263 B 70ms
23ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=4129829b29bc460fb94808e805bef00f&vfdur=123&cbust=1646922573475676
Requested by: Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal75.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
Vary: Origin
Access-Control-Allow-Origin: https://trib.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/09/2022 14:29:33

GET
H2 200 globalpassback_728x90.gif
cdn.besafe.global/ Frame F7A8 13 KB
13 KB 99ms
24ms Image
image/gif 2600:9000:2057:f400:8:455e:4a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_728x90.gif
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:f400:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db4a67617b6be8a7e51017e4c994206bd238e35db41d2e70e1efcb9d922d51f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 02:51:14 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
last-modified: Mon, 28 Oct 2019 18:58:12 GMT
server: AmazonS3
age: 42258
etag: "22f3923c56222a82263c1112dd44f5fb"
x-amz-meta-sha256: db4a67617b6be8a7e51017e4c994206bd238e35db41d2e70e1efcb9d922d51f9
content-type: image/gif
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 12928
x-amz-cf-id: MDWzn8rk1vQxDx6e8k60rH6qZYjxNMVAAQTpABj3mTUr66jFrYclzg==
x-amz-meta-s3b-last-modified: 20190925T124242Z

GET
H2 200 4.gif
c.evidon.com/a/ Frame F7A8 43 B
335 B 19ms
18ms Image
image/gif 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/a/4.gif
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=728;ad_h=90
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2010 17:07:29 GMT
server: AkamaiNetStorage
etag: "65786c291a4603aa5150a1884452838d:1271351254"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/gif
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53

GET
H2 200 ba.js Show response
c.evidon.com/geo/ Frame F7A8 41 KB
12 KB 20ms
19ms Script
application/x-javascript 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/ba.js?r220120
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=728;ad_h=90
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a28b9871dc80175bbb6cbaadf100abc925d5e106f0254c8f8a13d34141d90bfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 17:51:35 GMT
server: AkamaiNetStorage
etag: "1e1cf06df2b98e267c5e511e819fb810:1642701095.049463"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12426

GET
H/1.1 200
OK verifyc.js Show response
rtb0.doubleverify.com/ Frame 75DF 1 KB
906 B 26ms
26ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=27163524&plc=329545779&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_754196133944&jsTagObjCallback=__tagObject_callback_754196133944&ssl=1&refD=2&htmlmsging=1&guid=1646922573517518&brid=null&brver=&bridua=3&m1=13&fcifrms=9&brh=2&fwc=0&fcl=114&flt=0&fec=1957&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEADTbpTauTauEC%3A3%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauEC%3A3%5D4%40%3ETar9EEADTbpTauTauEC%3A3%5D4%40%3ETar9EEADTbpTauTauEC%3A3%5D4%40%3E&ver=103&dvp_exetime=15.40
Requested by: Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal75.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 76333e7d798ef2326bcfb3905af21e18999cbb3576bf2c6c254055dfca2fa7e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 03/09/2022 14:29:33

GET
H2 200 153615.js Show response
c.evidon.com/a/n/1267/ Frame F7A8 3 KB
1 KB 21ms
20ms Script
application/x-javascript 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/n/1267/153615.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 14:46:33 GMT
server: AkamaiNetStorage
etag: "6824cb2ff4568d14eda7aff13744195c:1602168393.36391"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=600
accept-ranges: bytes
access-control-allow-headers: *
content-length: 867

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame BF66 2 KB
1 KB 167ms
29ms Script
text/javascript 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=128&ttfrms=27&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauEC%3A3%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauEC%3A3%5D4%40%3ETar9EEADTbpTauTauEC%3A3%5D4%40%3ETar9EEADTbpTauTauEC%3A3%5D4%40%3ETar9EEADTbpTauTau25%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTau25%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETau55%3ETau25%3ATau%7D%60%60dbfhb%5Dbgddcabw*q%23xs%25wt~%23*Tauqaf%60fbfea%5Dbaf%60gbeahTbq540G6CTbsgd%5DacgTbqDKTbsfagIh_TbqF0D5Tbs%60Tbq85ACTbs_Tbq%3F6%3DTbs%60Tbq54025%3CTbsdbbf%60fcafTbq%40C5Tbsd4%3Aa%3C6Tbq4%3D%3A4%3CTbs9EEADTadbpTadauTadau7C2%60%5C%3A3%5D25%3FID%5D4%40%3ETadau4%3D%3A4%3CTadbudvpEuc53I%25h_Kh~%40%3FJwp!HpppxsC%267H0%3FBv%26w53DH%25h5%5C%24K!8fGw!_%3AK684y%3Ep*2b78%3E%27zzG*w%23%7CrJA%3ApppppsyJ%7BHu%23sppp_%22%7CpppxppppH0%3CD%260%7D%7C2ppppppq%27%26_%22p%27%27%7Dtp%7D8r(8s%25%23%22pppppqp%22%26rppppp%7Cxpz%3A*%40*pppppp%5DTadau34CTadbsppppppppgsgTadbsTadau4%3F5TadbsTadada%60t9A%3EA%22%3BFD7%40)t%7BsgCexqv!J%3F2JppzppIppppppppcsger%26%2B%24%22%25te%7D%25xd~%26s%3F%7B%26%3Es9Gcy%7B%3D3%40!%60tppppppppppu%3Cppppppppppvv2%3E%2B%3E%2B%3E%2B%3FA!a%3Cppppppppppwtppppppppppw8p%3A%22tpppppppsH!H%5D%5DTadau442Tadbs~%254bx_%2B%24%22%25te%7D%25xd~%22TadbsTadbsTadau3%3FTadbshbbbgTadau4%3D%3A4%3C6%3F4TadbsTbqF249Tbs(Jx%3A%7Brx%3A%7Brx%3A%7Brx%3A%7Brx%3A%7BuE5%7Bvd%603vHD3%3F%27D3rH%3Ax%3AI3)%27_%5DTbq540C7%3DTbsaTar9EEADTadbpTadauTadauEC%3A3%5D4%40%3ETadauTac_TbqI5ETbs_Tbq4C%3DETbs%222Ixe%3Aqgq%3BTbq4%3EA%3DTbsgTbq84DCTbs%3ETbqDEECTbsafTbqAC4%3DTbsD&srcurlD=2&aUrlD=4&ssl=https:&dfs=154&ddur=83&uid=1646922573584469&jsCallback=dvCallback_1646922573584278&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2375&tgjsver=2375&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN1153793.3855423HYBRIDTHEORY%2FB27173762.327183629%3Bdc_ver%3D85.248%3Bsz%3D728x90%3Bu_sd%3D1%3Bgdpr%3D0%3Bnel%3D1%3Bdc_adk%3D533717427%3Bord%3D5ci2ke%3Bclick%3Dhttps%253A%252F%252Ffra1-ib.adnxs.com%252Fclick%253F5GAtF4dbxT90z9OonyHAPwAAAIDrUfw_nqGUHdbswT9d-SzPg7vHP0izegcJmAYa3fgmVKKvYHRMCypiAAAAADJyLwFRDAAA0QMAAAIAAAAw_ksU_NMaAAAAAABVU0QAVVNEANgCWgDTRQAAAAABAQUCAAAAAMIAKiYoYAAAAAA.%252Fbcr%253DAAAAAAAA8D8%253D%252Fcnd%253D%252521EhpmpQjusfoXELD8r6IBGPynayAAKAAxAAAAAAAA4D86CUZSQTE6NTI5OUDnLUmDhv4JLlboP1EAAAAAAAAAAFkAAAAAAAAAAGGamZmZmZnpP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%252Fcca%253DOTc3I0ZSQTE6NTI5OQ%253D%253D%252Fbn%253D93338%252Fclickenc%253D%3Buach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.%3Bdc_rfl%3D2%2Chttps%253A%252F%252Ftrib.com%252F%240%3Bxdt%3D0%3Bcrlt%3DQaxI6iB8Bj%3Bcmpl%3D8%3Bgcsr%3Dm%3Bsttr%3D27%3Bprcl%3Ds&fcifrms=9&brh=2&sdf=2&dvp_epl=1428&noc=4&ctx=3758893&cmp=27173762&sid=6603073&plc=327183629&crt=165513127&btreg=519525076&btadsrv=doubleclick&adsrv=1&advid=10142764&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=101967575.18723524&dvp_tukv=16627226284.43686&dvp_uuid=9808161267.42424&dvp_strhd=0.20000076293945312&dvpx_strhd=0.20000076293945312&dvp_tuid=372818935003
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2375.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: b2d5dacc79aa6d5b0602ded5ebfb71d2ce08eeb285d966d487047981cc253d34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:28:59 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 03/09/2022 14:29:33

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2DA7 0
0 54ms
54ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvr1l1K8C0CjC9Ii9rgnU9FVm-u46WUcM74L_PiB66M3Z-UCdFGSOEV2XjdgOLAmfUFVWD4rA93StXh6Gjs3F_FOvX7gZ-SZ1dVJg3_cTf7OuPmMLPwmaLWBUL2fX9iIBPI-SqptVr88o8yAErmQfl3-H3PZweMVhY_cmy1ndRt9A_LAIvgaatK3wNAJMdgX0qhmZjUdoVv0V8mnJiOK-ilJa5PjtzKCzEUKM2GY5YeCdxwVD_yVMpfiV2ES1hpHX59VnCsQbj6jRGTuXSOxBuOCb4-3lyMPe96gCa1mYyWbevJdp4O72FycEUIGxBLrg&sig=Cg0ArKJSzF2kpRqwahbiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 2DA7 134 KB
45 KB 144ms
51ms Script
text/javascript 104.108.144.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUL2446F

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

29097afbe55a504f31656a6258acc1a5c7c05f18ebd092d825a1e7011ad23fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-mnt-h: 10-9
content-encoding: gzip
server: Apache
etag: "7bc7cf3a22df5ec6761f41524aca3724"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Thu, 10 Mar 2022 14:29:33 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-18
expires: Thu, 10 Mar 2022 14:34:33 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 2DA7 35 B
329 B 144ms
23ms Image
image/gif 2.16.186.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=19886642&other_prv=9&jar_err=&current_day=4.0&adtyp=0&req_id=8995450511507355087&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=14.0252&exp=&second_bidder=*&search_res=76&floor_bucket=0.00&gpid_format=&seat=&size=728x90&f_seg=&prdp=0.0528&local_wr_url=0.0000&ogcbdp=0.2200&dfpbd=0.0528&server=1&ogerpm_wd_bkt=0-1&model_version=202203100302_generic_appn_2-cid_1&viewability=0.8700&dmm_r=0.9860&cut=76&dmm_l=0.0220&as_cache=1&tcyerpm=&sc=NI&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=trib.com%2F&bidrestime=1646922573302&cc=DE&strg=harmony&ss=&current_hour=14&time_stamp=2022-03-10+14%3A29%3A33&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.2200&ct=Brake&akey=&mnckfl=0&bdp_bucket=0.20&algo=&dc=eu_be&splid=19886642&dim4=exploration&dn=trib.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=61fbddadb01047ffab92f01b25a1da2a&infl=&o_ver=NT+10.0&br_ver=99.0.4844.51&bdmm_m6=0.0000&bdmm_m7=1.6350&bdmm_m5=0.0000&ver=8.11.0&totalTimeBucket=2&visibility=0&totalTime=2177890&dmm_m1=2022-03-10+14%3A29%3A33.303335624&e_rpm=0.2130&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=1.6350&cid=8CU6M287B&bcrid=305103290&rawbid=0.2200&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-6bd948ffdb-4knwf.BE&dfp_bucket=0.06&adblk=&itype=appnexus&pvid_seat=9&cliIP=3648182016&advurl=content.businessinfoline.com%2F&level_base=0&crid=856004011&sat=1&br_id=265&cut_bkt=75&gpid=&iwb=1&dmm_d22=0.02&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.22
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-67.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 10 Mar 2022 14:29:33 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 2DA7 61 KB
62 KB 106ms
27ms Script
application/javascript 104.108.144.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-24.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=604800
server: nginx
date: Thu, 10 Mar 2022 14:29:33 GMT
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=68171
access-control-allow-credentials: true
content-length: 62892
expires: Fri, 11 Mar 2022 09:25:44 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 2DA7 85 KB
29 KB 54ms
54ms Script
application/x-javascript 184.30.24.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-185.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Fri, 10 Mar 2023 14:29:33 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 2DA7 0
819 B 26ms
25ms Image
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftrib.com%252F&e=wqT_3QLJBPBMSQIAAAMA1gAFAQjNlqiRBhDLt4yp16O_ik8Y3fGboaX0q7B0KjYJiUFg5dAiqz8RhLuzdtuFpj8ZAAAAgOtR_D8hhLuzdtuFpj8piUEJJNAxAAAAIIXr0T8wsuS9CTjRGECVCUhgULqDvpEBWPyna2AAaNOLhQF4y9gFgAEBigEDVVNEkgUG9F4BmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsPLWeoCEWh0dHBzOi8vdHJpYi5jb20vgAMAiAMBkAMAmAMXoAMBqgNBEhg4OTk1NDUwNTExNTA3MzU1MDg3X3NiaWQaEzU2OTg0NTc3MzE0OTE2MzQxMjMiCTMwNTEwMzI5MCoFTTExNzPAA6wCyAMA2AOi_SPgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjExNC4yMTUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqDvpEBiAUBmAUAoAXP64HoyNKQ63zABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAABT5kABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOL4GQADIB8vYBdIHDQkJNgk4CNoHBgknROAHAOoHAggA8AfDmwGKCAIQAA..&s=ae6aacff9d2a02ddb8ae4c23ad16f5c791fca885

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3a916982-b492-4199-bf38-66e8f09d4a31
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DA7 117 KB
36 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:33 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 75DF 0
263 B 25ms
25ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=bc9cda281d8441468fa00e5691b1d6a5&vfdur=27&cbust=1646922573615165
Requested by: Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal75.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
Vary: Origin
Access-Control-Allow-Origin: https://trib.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/09/2022 14:29:33

GET
H2 200 globalpassback_728x90.gif
cdn.besafe.global/ Frame 75DF 13 KB
13 KB 27ms
26ms Image
image/gif 2600:9000:2057:f400:8:455e:4a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_728x90.gif
Requested by: Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:f400:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db4a67617b6be8a7e51017e4c994206bd238e35db41d2e70e1efcb9d922d51f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 02:51:14 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
last-modified: Mon, 28 Oct 2019 18:58:12 GMT
server: AmazonS3
age: 42258
etag: "22f3923c56222a82263c1112dd44f5fb"
x-amz-meta-sha256: db4a67617b6be8a7e51017e4c994206bd238e35db41d2e70e1efcb9d922d51f9
content-type: image/gif
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 12928
x-amz-cf-id: SwTkOzDePjlR6fKpBEwGPXo5BO1-eznvgi_tNPyxquZB6a1mK4tjdg==
x-amz-meta-s3b-last-modified: 20190925T124242Z

GET
H2 200 4.gif
c.evidon.com/a/ Frame 75DF 43 B
335 B 24ms
24ms Image
image/gif 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/a/4.gif
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=728;ad_h=90
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2010 17:07:29 GMT
server: AkamaiNetStorage
etag: "65786c291a4603aa5150a1884452838d:1271351254"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/gif
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53

GET
H2 200 ba.js Show response
c.evidon.com/geo/ Frame 75DF 41 KB
12 KB 25ms
25ms Script
application/x-javascript 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/ba.js?r220120
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=728;ad_h=90
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a28b9871dc80175bbb6cbaadf100abc925d5e106f0254c8f8a13d34141d90bfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 17:51:35 GMT
server: AkamaiNetStorage
etag: "1e1cf06df2b98e267c5e511e819fb810:1642701095.049463"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12426

GET
H2 200 153615.js Show response
c.evidon.com/a/n/1267/ Frame 75DF 3 KB
1 KB 23ms
23ms Script
application/x-javascript 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/n/1267/153615.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:33 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 14:46:33 GMT
server: AkamaiNetStorage
etag: "6824cb2ff4568d14eda7aff13744195c:1602168393.36391"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=600
accept-ranges: bytes
access-control-allow-headers: *
content-length: 867

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9706 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7Q3wTQsqYqjoEL2NjuwP8Na-UAAAAAA4AeAEAg&bg=!1tWl1ZHNAAb7UztL-1M7ACkAdvg8Wgc9HlZU72-7E6I1Gibv_FtfXeKy9EveNlXTgwXcjeY2O3Y8SAIAAAC9UgAAAAFoAQeZAyRQzOqChpWp4OCrROAQDDXzgPL6CsjljO4aWbnEQthnAF4ofrBHCaovSA7YIkHt93O3ldrFq6lrNIMBBtS36X_V4xu5kTHriz-2qaPz0JGA71ZG52ho1Rpp3yGWkTJMeOPXLard8P02-WSILnbNK1mj4mj3JS39E39YYC41EoR5Un2wijr2HRG60U2YhdeXitJ8KY10MGPMcqRcvbdb6QMr5rj-Sydz2dqX5odmLLu_JVD4EuailGd6ClNHDCFvryg5GSlcU2dWjJsyphyHzj6a8l_-aFYaWhQMZL1btSjHUuBMf720tRZieA4CrzAQmTjxBo9FQ-A-DqXIsctKI3XgBqKh9nAcf-THpUkB8He03tCDZ8in_mWp9wEguF-qrbB8vQhamcWrGji_Q4riTZs0-qa56Cu-JxzaoTFWMI8iRCni7tWIz1RB8Rqh_uT08jxQ2uP8q2b_G48rC5PntyYOf5sMfjIZga7xg05ZajKpN9C7QmRrhEDkEYiuRkFq82BI9-jXUy09qtdf9zZatHf4OzylZLT6aHeVke8C6a2pIF0Whisl6u0pwAKq6hconAdRJCvKsquPM1bi5nJuxtbfCCCzCzFFeCSUCDODQ34NKBZMwbhNgptfTdZNH2gXOrM-RUgzth3R5fqCKyyS13fezpIDyyd2Yf-PbTiHXZEHy2UWmkDowtmt60ZalZSa608bFS89hWAd8Cq_tTyeHYhG5uBqL6b_xi6uHO2C4WGRaDTQqME3u_9PhaqciqGsvJwMe3napFQjF7hu2sJEqeZV2gPVPlNHmqussDQdOAWzkOtpQrwQLYAbStC9WGqsz7U7QVQt3fFE0babg7ODp_bdcscnbz8Yn4SNfrHf7nqjCRgHpqDi8b5dPcBOFuaImIMu_FlntZ0SfVw51bJMVV9rgftn_NppmJtIMPkkk8wV9DVbxLhmCNRGg_r21ueMVgA-BWVHZYkhnAEaB-CmSR7xcL_5KDQ-FFnR7ERjjcdKIzBQu1mQqtRzwGAOVozNP_wyxGHKQnqoBIFmf1p_nFSjODJmsvdU3TT5N9OkFROWxLzCQxA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0FF3 52 KB
17 KB 68ms
18ms Document
text/html 184.30.24.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1424069
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-185.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 11 Mar 2022 14:29:35 GMT
Date: Thu, 10 Mar 2022 14:29:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame F7A8 0
819 B 21ms
21ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QL-DvD9fgcAAAMA1gAFAQjMlqiRBhDa7Les5fjk0WQY1sHQurHe-M4ZKjYJIOX4wPly1z8REqUTJwy20T8ZAAAAgOtR_D8hT-bdYMFA1j8pn6ut2F923T8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCUOXJ1qEBWPyna2AAaNOLhQF44dUFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NjMsIDE2NDY5MjI1NzIpO3VmKCdpJywgMzA5OTM1NCwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNTUxMDQ2NSxCOwAwcycsIDI2ODIzMTc4NEY9ADByJywgMzM5MDU5OTQxNh8A9F4BkgKVBSFDSVl3a2dqc3Nmb1hFT1hKMXFFQkdBQWdfS2RyTUFBNEFFQUFTTkVIVUxMa3ZRbFlBR0JlYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFFVUlZdGVMV2pXUDhFQkRnSG81SEIyM1RfSkFRQUFBQUFBQVBBXzJRR0RodjRKTGxib1AtQUIycFc5QWZVQlpVR3pQcGdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdpSXJPY1pFQXNZQWkwQUFBQUF1Z01KUmxKQk1UbzBORE15NEFQbkxZQUVxWkRhQjRnRXdvM29CNUFFQVpnRUFiSUVDZ2liNmJRTUVJV3JpdzJ5QkFvSXU0R3lBeENGcTRzTnVnUWFDTzBJRVRNek16TXpNLU1fR1FBQUFBAeFUQUFJTHVCc2dPNkJCb0luZ2tSbXBtWgECDHlUOFoJIgUBIGdtLW0wRE1FRREgEDZUX0pCBRsJARQyQVFBOFExOQFZVGdGMENLUUJmRzhNWmdGNk1qemY2a0YBGwEBEDhELXhCHS80d1FVYmNaMDFzeTcxUDgJKBw0TWZzMERfUi4oAAgyUVUBP9BBQUFEd1AtQUYwLWNDOEFYQjE3SUgtQVdiai1BQmdnWURSMEpRaUFZT2tBWUJtQVlBb1FZQQE2BQEkS2dHQkxJR0pBawUPBQEEQkUFBwUBBEJrBQcFAQBDHRhETGdHQ2cuLpoCmQEhRFJsc1ZROpkCKFB5bmF5QUFLQUF4BT0JAVw2Q1VaU1FURTZORFF6TWtEbkxVbURodjRJVQAxHWEARh15CEdHYSGJFG1abnBQMh0YAEgdMBBIZ0FpUREQ8D5Ed1B3Li7YAudD4ALDy1nqAhFodHRwczovL3RyaWIuY29tL_ICEQoGQURWX0lEEgczNjcxOTYz8gISCgZDUEcBFAQIMW3IARUIBUNQARQACXW-PPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFhAAeNWgDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNAAkV2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDov0j4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMTQuMjE1LjEzMagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDTk3NyNGUkExOjQ0MzLaBAIIAeAEAfAEpdAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULiAAAANgFAeAFAfAFJ_oFBAgAEACQBgCYBgCiBg4zMTUzI0ZSAWEcNjU0uAYAwQYBMDAAAPA_0AblAtoGFgoQCREZAVgQABgA4AYB8gZyCPG8MRJsSEJMMEZrd0HC2ERBQWtDQlFFSW41alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pjOWZRRFVPY3RXSzRrY1EBOwkBEGVBQ0JBfe0EaUGllVBBbWdFQ0NBQS6ABwGIBwCgBwG6Bw8ByUgYACAAMAA4vgZAAMgH4dUF0gcNFfUYEAAYANoHBgknROAHAOoHAggA8AfDmwGKCAIQAA..&s=192999d68884270add08d44e0d4728082a794c8e&bdref=https%3A%2F%2Ftrib.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ftrib.com%2F,https%3A%2F%2Ftrib.com%2F,https%3A%2F%2Ftrib.com%2F&

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 793bd404-aea3-43e0-a27e-1ba53a91f349
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2B6D 52 KB
17 KB 84ms
27ms Document
text/html 184.30.24.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1424069
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-185.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 11 Mar 2022 14:29:35 GMT
Date: Thu, 10 Mar 2022 14:29:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 2B33 0
819 B 24ms
23ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QL-DvD9fgcAAAMA1gAFAQjMlqiRBhDI5uq7kIGmgxoY3fGboaX0q7B0KjYJ5GAtF4dbxT8RdM_TqJ8hwD8ZAAAAgOtR_D8hnqGUHdbswT8pXfksz4O7xz8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCULD8r6IBWPyna2AAaNOLhQF4mtkFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NzEsIDE2NDY5MjI1NzIpO3VmKCdpJywgNTg3NDc0MSwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNTUxMDQ2NyxCOwAwcycsIDI2ODIzMTg0N0Y9ADByJywgMzQwNTI0NTkyNh8A8LaSApUFIU9vTU1tUWp1c2ZvWEVMRDhyNklCR0FBZ19LZHJNQUE0QUVBQVNORUhVTExrdlFsWUFHQ05CR2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCcGtsZzlIME13al9CQVN2MFdoaHd1OGNfeVFFQUFBQUFBQUR3UDlrQmc0Yi1DUzVXNkRfZ0FiWEk1Z0wxQVFBQUFELVlBZ0NnQWdHMUFnQUFBQUM5QWcBOdhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NElsYXpuR1JBTEdBSXRBATvwZUxvRENVWlNRVEU2TlRJNU9lQUQ1eTJBQkxQcjRRZUlCTGJyNFFlUUJBR1lCQUd5QkFvSW0tbTBEQkNGcTRzTnNnUUtDTHVCc2dNUWhhdUxEYm9FR2dqdENCRXpNek16TXpQalB4awFqCQFMQ0M3Z2JJRHVnUWFDSjRKRVpxWm0BAhBja19HUQkjAQEkSUp2cHRBekJCSg0gEGVrX3lRHSEYTmdFQVBFRQEsCQFYQ0lCYk1wa0FYeHZER1lCYWZKODMtcEIRMxRQQV9zUVUJKwEBCE1FRgEHAQEMNERfSgUoHEdCOUROSV8wLigABE5rFSjAOERfZ0JlMlFBZkFGdzlleUJfZ0ZvNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHQQFdOEFBQTRELW9CZ1N5QmlRSgEQDQEAUg0IAQEAWgEFDQEAaA0ISEFBQUM0QmdvLpoCmQEhRWhwbXA-mQIoUHluYXlBQUtBQXgBLwEBDDREODYy0QFAVURuTFVtRGh2NEpMbGJvUDE9NARGawEzCQEIR0dhJYkQWm5wUDIdGABIHTAMSGdBaS6tArh3Li7YAudD4ALDy1nqAhFodHRwczovL3RyaWIuY29tL_ICEQoGQURWX0lEEgczNmXuNPICEgoGQ1BHX0lEEggxbcgBFQgFQ1ABFAAJdb4Q8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEgBzU4NzQ3NDHyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNAAkV2fCwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDov0j4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMTQuMjE1LjEzMagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDTk3NyNGUkExOjUyOTnaBAIIAeAEAfAEsPyvogGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAQy4AADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYOMzE1MyNGUkExOjUzMDa4BgDBBgAFMyjwP9AG5QLaBhYKEAUQHQFYEAAYAOAGAfIGcgjxvDESbExSSXhHVXdBjNhEQUFrQ0JRRUluNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqYzlmUURVT2N0V0xvcGNRATsJARBlQUNCQXH5eEFBQWlBRUFrQUVBbWdFQ0NBQS6ABwGIBwCgBwG6Bw8ByUwYACAAMAA4vgZAAMgHmtkF0gcNCRGrGBAAGADaBwYJJ0TgBwDqBwIIAPAHw5sBiggCEAA.&s=2a59992652e939900678262c528e2660cd5488ef&bdref=https%3A%2F%2Ftrib.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ftrib.com%2F,https%3A%2F%2Ftrib.com%2F,https%3A%2F%2Ftrib.com%2F&

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 56ef4793-08c7-497e-90a8-2aada725aff7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F7A8 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvixtsb1DmhZZgnAU_VmvSO36R2j1uf-xG8QHGsRYuZMfucSyhwqvF8Ix66YZlyIgCxQ-k7DN60WhH4okhI_6xKwxR0lo0dtsFw6d-OzL63EmcciIIDRK7xeLQi-pQzZ1DVVNI8OahE7ddbJLKngLw6sN6pg4J2IUKUX9qNRBtwkrn2wXe7iPPlKsOk1_6aWHDFTgc1cO3AXEve3TsxMeD7ISI5Wlj9Q3gRGYLNe9xHqXeBjXxt0K-5suT1XRhsTKPeNfC_OU1EeP-2FaE50iSVM3SCVqEiJVBHI_-KnBhbqmRZ3_YrI6LTfaXg4XxEZCGO8g&sig=Cg0ArKJSzA5TJ2DREvhXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame F7A8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 777799d7c87d41c1e47971e8fba21ffeb617ee82f63e0d3ef5d602643e3b9cdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame F7A8 0
834 B 21ms
21ms Ping
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QLnDPD9ZwYAAAMA1gAFAQjMlqiRBhDa7Les5fjk0WQY1sHQurHe-M4ZKjYJIOX4wPly1z8REqUTJwy20T8ZAAAAgOtR_D8hT-bdYMFA1j8pn6ut2F923T8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCUOXJ1qEBWPyna2AAaNOLhQF44dUFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NjMsIDE2NDY5MjI1NzIpO3VmKCdpJywgMzA5OTM1NCwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNTUxMDQ2NSxCOwAwcycsIDI2ODIzMTc4NEY9ADByJywgMzM5MDU5OTQxNh8A9F4BkgKVBSFDSVl3a2dqc3Nmb1hFT1hKMXFFQkdBQWdfS2RyTUFBNEFFQUFTTkVIVUxMa3ZRbFlBR0JlYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFFVUlZdGVMV2pXUDhFQkRnSG81SEIyM1RfSkFRQUFBQUFBQVBBXzJRR0RodjRKTGxib1AtQUIycFc5QWZVQlpVR3pQcGdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdpSXJPY1pFQXNZQWkwQUFBQUF1Z01KUmxKQk1UbzBORE15NEFQbkxZQUVxWkRhQjRnRXdvM29CNUFFQVpnRUFiSUVDZ2liNmJRTUVJV3JpdzJ5QkFvSXU0R3lBeENGcTRzTnVnUWFDTzBJRVRNek16TXpNLU1fR1FBQUFBAeFUQUFJTHVCc2dPNkJCb0luZ2tSbXBtWgECDHlUOFoJIgUBIGdtLW0wRE1FRREgEDZUX0pCBRsJARQyQVFBOFExOQFZVGdGMENLUUJmRzhNWmdGNk1qemY2a0YBGwEBEDhELXhCHS80d1FVYmNaMDFzeTcxUDgJKBw0TWZzMERfUi4oAAgyUVUBP9BBQUFEd1AtQUYwLWNDOEFYQjE3SUgtQVdiai1BQmdnWURSMEpRaUFZT2tBWUJtQVlBb1FZQQE2BQEkS2dHQkxJR0pBawUPBQEEQkUFBwUBBEJrBQcFAQBDHRhETGdHQ2cuLpoCmQEhRFJsc1ZROpkCKFB5bmF5QUFLQUF4BT0JAVw2Q1VaU1FURTZORFF6TWtEbkxVbURodjRJVQAxHWEARh15CEdHYSGJFG1abnBQMh0YAEgdMBBIZ0FpUREQ9BcBRHdQdy4u2ALnQ-ACw8tZ6gIRaHR0cHM6Ly90cmliLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOi_SPgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjExNC4yMTUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQNOTc3I0ZSQTE6NDQzMtoEAggB4AQB8ATlydahAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYOMzE1MyNGUkExOjQ2NTS4BgDBBgAAAAAAAPA_0AblAtoGFgoQAAkSFQFYEAAYAOAGAfIGcgjxvDESbEhCTDBGa3chq9hEQUFrQ0JRRUluNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqYzlmUURVT2N0V0s0a2NRATsJARBlQUNCQV3WBGlBhX5QQW1nRUNDQUEugAcBiAcAoAcBugcPAclIGAAgADAAOL4GQADIB-HVBdIHDRX1GBAAGADaBwYJJ0TgBwDqBwIIAPAHw5sBiggCEAA.&s=95bb09c26845b61d1021e9c483489fd4359d65c3&type=nv&nvt=5&jm=1003&px=436&py=1120&bw=728&bh=90&sid=7175670301849930203&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19886642&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=6192&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b12e1772-9e6a-4e82-8c8f-6e214b0ef5af
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2B33 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsunMJfGyJ-MpOrFPmSKWbC8YVkoJLETz-AiNU6ui2elIXLDr856DIPS-NfNJbfaLewPln_CjsOigRDBWHJU3XMgFNLlf-DgMR_8pe2OkdpFnpfx5OSkne15PDHszxJjbd7IHq0MCQHof2-GjwlpVZ2nNUeAjD1VEkvrKpOL7zotQSPaS_YVDOL70B1kvB3AoZeYCKVoav0GEaRCSidSodIdHgOS22-H6EKPupkxjzaQNJ9EEr8IGq4UAeAcmvcSe9jwR8JepMY-0gur-_0521cMdD_qm-lNAU4rUmbi3kUNnw8J9Cza2BCy_DjCQkB-O5Lm_A&sig=Cg0ArKJSzCGQlaRh13p8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 2B33 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdebed63f916b39b263cee1a2464375418649386ec10d41ef5e12ec3c6afe30e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 2B33 0
834 B 19ms
19ms Ping
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QLnDPD9ZwYAAAMA1gAFAQjMlqiRBhDI5uq7kIGmgxoY3fGboaX0q7B0KjYJ5GAtF4dbxT8RdM_TqJ8hwD8ZAAAAgOtR_D8hnqGUHdbswT8pXfksz4O7xz8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCULD8r6IBWPyna2AAaNOLhQF4mtkFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NzEsIDE2NDY5MjI1NzIpO3VmKCdpJywgNTg3NDc0MSwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNTUxMDQ2NyxCOwAwcycsIDI2ODIzMTg0N0Y9ADByJywgMzQwNTI0NTkyNh8A8LaSApUFIU9vTU1tUWp1c2ZvWEVMRDhyNklCR0FBZ19LZHJNQUE0QUVBQVNORUhVTExrdlFsWUFHQ05CR2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCcGtsZzlIME13al9CQVN2MFdoaHd1OGNfeVFFQUFBQUFBQUR3UDlrQmc0Yi1DUzVXNkRfZ0FiWEk1Z0wxQVFBQUFELVlBZ0NnQWdHMUFnQUFBQUM5QWcBOdhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NElsYXpuR1JBTEdBSXRBATvwZUxvRENVWlNRVEU2TlRJNU9lQUQ1eTJBQkxQcjRRZUlCTGJyNFFlUUJBR1lCQUd5QkFvSW0tbTBEQkNGcTRzTnNnUUtDTHVCc2dNUWhhdUxEYm9FR2dqdENCRXpNek16TXpQalB4awFqCQFMQ0M3Z2JJRHVnUWFDSjRKRVpxWm0BAhBja19HUQkjAQEkSUp2cHRBekJCSg0gEGVrX3lRHSEYTmdFQVBFRQEsCQFYQ0lCYk1wa0FYeHZER1lCYWZKODMtcEIRMxRQQV9zUVUJKwEBCE1FRgEHAQEMNERfSgUoHEdCOUROSV8wLigABE5rFSjAOERfZ0JlMlFBZkFGdzlleUJfZ0ZvNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHQQFdOEFBQTRELW9CZ1N5QmlRSgEQDQEAUg0IAQEAWgEFDQEAaA0ISEFBQUM0QmdvLpoCmQEhRWhwbXA-mQIoUHluYXlBQUtBQXgBLwEBDDREODYy0QFAVURuTFVtRGh2NEpMbGJvUDE9NARGawEzCQEIR0dhJYkQWm5wUDIdGABIHTAMSGdBaS6tAvDQdy4u2ALnQ-ACw8tZ6gIRaHR0cHM6Ly90cmliLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOi_SPgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjExNC4yMTUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQNOTc3I0ZSQTE6NTI5OdoEAggB4AQB8ASw_K-iAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAJDrDYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYOMzE1MyNGUkExOjUzMDa4BgDBBgAFMyjwP9AG5QLaBhYKEAUQHQFYEAAYAOAGAfIGcgjxvDESbExSSXhHVXchddhEQUFrQ0JRRUluNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqYzlmUURVT2N0V0xvcGNRATsJARBlQUNCQVHieEFBQWlBRUFrQUVBbWdFQ0NBQS6ABwGIBwCgBwG6Bw8ByUwYACAAMAA4vgZAAMgHmtkF0gcNCRGrGBAAGADaBwYJJ0TgBwDqBwIIAPAHw5sBiggCEAA.&s=633571da0c21ecfc217bc28aedb32b432a6b53e4&type=nv&nvt=5&jm=1003&px=436&py=1120&bw=728&bh=90&sid=7175670301849930203&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19886642&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=6192&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5b9bf609-98c0-44bb-becd-49c146b7c56a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CBD7 52 KB
17 KB 26ms
22ms Document
text/html 184.30.24.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1424069
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-185.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 11 Mar 2022 14:29:35 GMT
Date: Thu, 10 Mar 2022 14:29:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 75DF 0
819 B 23ms
20ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QLqGPD9agwAAAMA1gAFAQjMlqiRBhDF46yKkNGKnX4Y3fGboaX0q7B0KjYJhfTS7YLpzT8RNqKE6LeXxj8ZAAAAgOtR_D8hBVy49Zjdyz8pGHjuPVxy0j8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCUNLf8KMBWPyna2AAaNOLhQF4v9YFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NzEsIDE2NDY5MjI1NzIpO3VmKCdpJywgNjIyNDEwMCwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNzE4NDYwNyxCOwAwcycsIDI3MTQ3OTQzN0Y9ADByJywgMzQzNjgzMDI2Nh8A8LaSAoEPIWE1M1BOZ2l0X09jWUVOTGY4S01CR0FBZ19LZHJNQUE0QUVBQVNORUhVTExrdlFsWUFHQ05CR2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCQ1lNZnI5Y096RF9CQWNMMXhyNVNjdElfeVFFQUFBQUFBQUR3UDlrQmc0Yi1DUzVXNkRfZ0FlVHgtd0wxQWJaMllENllBZ0NnQWdHMUFnQUFBQUM5QWcBOdhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NElwcG5DSHhBTEdBSXRBATvYTG9EQ1VaU1FURTZOVEU1TWVBRDV5MkFCTDJRMmdlSUJMN0M3d2VRQkFHWUJBR3FCTlVIQ1BfXxUCCHdFURUMFF9fX0FSagEHDQEMOEJJUA0LAQEId0VvAQcRAQhBVEQRCxRfX184Qk8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EAB0c2dRS0NKdnB0QXdRaGF1TERib0VHZ2llQ1JHYW1aAQIQbkpQeGuhegkBJENDYjZiUU13UVMZIAg4a0UJHQEBGERZQkFEeEIBCw0BXGlBWEhLSkFGOGJ3eG1BV041Ym1CQWFrRg0fGEE4RC14QlERDjxBQXdRV0YyV0NvMGVINlA4CSgcSUNxendEX1IuKAAIMlFVDTXARHdQLUFGbC1FQjhBWGY3cGdJLUFXamotQUJnZ1lEUjBKUWlBWU9rQVlCbUFZQW9RWQ04LEFBQUtnR0JMSUdKQR3kAEIdzwRCawEmCQEAQx0YRExnR0NnLi6aApkBIUNSbWhXdzqFByhQeW5heUFBS0FBeAk-BQEANjK9BkBVRG5MVW1EaHY0SkxsYm9QMR1hAEYdeQBHPY0AMh0YAEgdMAxIZ0FpLpkHuHcuLtgC50PgAsPLWeoCEWh0dHBzOi8vdHJpYi5jb20v8gIRCgZBRFZfSUQSBzM2EtoINPICEgoGQ1BHX0lEEggxGrQIARUIBUNQARQACSKqCBDyAg0KCAE-GEZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYQAHGkYJAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDov0j4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMTQuMjE1LjEzMagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDTk3NyNGUkExOjUxOTHaBAIIAeAEAfAEErwKIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC7gAAADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYOMzE1MyNGUkExOjUzMDG4BgDBBgEwMAAA8D_QBuUC2gYWChAJERkBWBAAGADgBgHyBnII8bwxEmxLQktIR0V3QcHYREFBa0NCUUVJbjVqUUJSRHNnTTRCR0syeFlDQUhLQUJBb05TNUFramM5ZlFEVU9jdFdMVXBjUQE7CQEQZUFDQkF97WxpQUVBa0FFQW1nRUNDQUEugAcBiAcAoAcBugcPAckIGAAgITQsvgZAAMgHv9YF0gcNFfUBqAjaBwYJJ0TgBwDqBwIIAPAHw5sBiggCEAA.&s=ef721a69912b0e201eddaf620580b387cca53923&bdref=https%3A%2F%2Ftrib.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ftrib.com%2F,https%3A%2F%2Ftrib.com%2F,https%3A%2F%2Ftrib.com%2F&

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 900e8ad1-08b8-42b5-8f23-8ace9ac7adc4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame 2DA7 78 KB
27 KB 326ms
324ms Script
text/javascript 104.108.144.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=211362147&size=728x90&cc=DE&chnm=HARMONY&pid=8PO15FLE3&tpid=T92M8NE&https=1&vif=1&requrl=https%3A%2F%2Ftrib.com&nse=5&vi=1646922573336068924&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&bcpf=B48fOnRrolnfOur8N4ag%2FBx%2F&bdrId=9&katbid=-103&ntv=0&matchstring=bcat%3Dnull%7Ccsh%3D1&katpre=1&pgid=p0170301996t202203101429&nb=1&adomain=https%3A%2F%2Fcontent.businessinfoline.com&allsc=HE&tcf_cmp=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

b34e7a6e7afde3a1507b65bebc7be48c5248ae3dbe63e4e84a0c53665e53661a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript
expires: Thu, 10 Mar 2022 14:29:34 GMT
cache-control: max-age=0, no-cache, no-store
x-sc-h: 22-hcgh
strict-transport-security: max-age=604800
content-length: 26915
x-sc-w: 22-4nps

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 2D40 15 KB
6 KB 105ms
103ms Document
text/html 104.108.144.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1e1ffa3b5d322aa9f1bd65dcb31da431d3acc0e38f2b0889233b3ad615f13a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 12 Mar 2022 14:29:33 GMT
date: Thu, 10 Mar 2022 14:29:33 GMT
content-length: 5717

GET
H/1.1 200
OK bping.php
lg3.media.net/ Frame 2DA7 35 B
322 B 125ms
33ms Image
image/gif 2.22.32.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=211362147&vi=1646922573336068924&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886781335&r=1646922573813&requrl=https%3A%2F%2Ftrib.com&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=31103&vgd_rakh=1646922573111455351&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p0170301996t202203101429&vgd_pgids=1&vgd_uspa=0&hvsid=00001646922573811036481820164228&gdpr=1&vgd_end=1

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.22.32.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-22-32-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Server: Apache
Date: Thu, 10 Mar 2022 14:29:33 GMT
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 10 Mar 2022 14:29:33 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame AEF3 21 KB
8 KB 116ms
116ms Document
text/html 104.108.144.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C4%2C246%2C10000%2C9%2C2033&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3097a6ede54f055e518f166eaa93eb1cfe40f29b08792e6927c55bca11da7a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 12 Mar 2022 14:29:33 GMT
date: Thu, 10 Mar 2022 14:29:33 GMT
content-length: 7797

GET
H2 200 clog
hblg.media.net/ Frame 2DA7 35 B
172 B 54ms
38ms Image
image/gif 104.108.144.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/clog?logid=awlog&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=8995450511507355087&s_city=frankfurt+am+main&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&usp_status=0&og_cbdp=0.220&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=5f59afe1&scrid=305103290&itypeid=16&mx_SPRIG=0&viewability=87&renderer=0&be=0&rtime=7.0&adj0=0.0&tmax=150&s_ip=37.252.172.39&adj2=0.0&adj1=0.0&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&reqid=8995450511507355087&sc=NI&mowxReqId=61fbddadb01047ffab92f01b25a1da2a_1&ifdp=0&requrl=https%3A%2F%2Ftrib.com&bidrestime=1646922573302&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-11-23&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.220&ct=Brake&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=31103&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=trib.com&dt=O&acid=61fbddadb01047ffab92f01b25a1da2a&actltime=12&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.053&sckfl=1&dmm_erpm=true&mx_lr=0&coppa_applied=N&smbrid=3153&bfs=103&rfc=1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=305103290&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2316%23%2343&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1646923173554&dnt_status=N&reftype=0&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.053&csex=0&pvdTmax=109&ltime=12.0&epc=211362147&prvReqId=32719168092957_919901108_856004011191&zip=26919&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1424069&brsrclk=0&sbdrid=99&rtttime=17&apTags%3C%3E=75&mx_PC=1&wsip=mowx-696cff9547-7q2lv&currsrc_date=2022-03-08+00%3A00%3A00&mx_divid=19886642&geoll=false&debug_ts=2022-03-10+14%3A29%3A33&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=NEXUS&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=19886642&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&pid=8PR113JGC&spTo=3&ecp=1.77&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-6bd948ffdb-4knwf.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19886642&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.22&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=19886642&opbidflr=0.000&impId=5698457731491634123&rme=adm&bdata=~seller_tag_id%3D19886642~std%3D19886642~itype%3DAPPNEXUS~visibility%3D0~city%3DBRAKE~ref_cnt%3D1~r_ip%3D217.114.215.0~r_sc%3DNI~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_a1%3D0~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D85~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.02~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3D0~dmm_d26%3D000~dmm_d27%3D0~dmm_d28%3D1~dmm_d29%3Dfalse~dmm_d30%3D1~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0~dmm_d51%3D0~dmm_d52%3D0~dmm_d53%3D0000~dmm_d56%3D0~bx_sgmt%3Dempty~sgmt%3Dempty~bx_rpc%3D0010001~bx_intmd%3D0~bx_ginsu%3D0~bx_rsp%3D%3D0~bx_size%3D728x90~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.022~dmm_r%3D0.986~e_rpm%3D0.213~dmm_m1%3D0.213~dmm_m2%3D0.013~dmm_m3%3D1.000~dmm_m7%3D1.635~dmm_m10%3D1.000~dmm_m11%3D0.981~dmm_m12%3D1.635~dmm_m14%3D1.000~dmm_m15%3D1.004~dmm_m16%3D0.986~dmm_m21%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m33%3D1.000~dmm_m34%3D1.000~dmm_m39%3D27.000~dmm_m40%3D27.000~dmm_m44%3D1.004~dmm_m47%3D17644.000~dmm_m48%3D4343617.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.213~vbr%3D0~bid%3D0.220~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19886642%7Eviewability%3D0.873127%7Ecbdp%3D0.053%7Edmm%3Dharmony%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.220%7Eseller_tag_id%3D19886642%7EcarrierId%3D0%7Edcut%3D75%7Edogb%3D0-1~ibc%3D1~&utime=527&sf=0&cpr=0.7381894016686756
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: max-age=3600
date: Thu, 10 Mar 2022 14:29:33 GMT
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Thu, 10 Mar 2022 20:29:33 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame ABA9 21 KB
8 KB 110ms
108ms Document
text/html 104.108.144.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3097a6ede54f055e518f166eaa93eb1cfe40f29b08792e6927c55bca11da7a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 12 Mar 2022 14:29:33 GMT
date: Thu, 10 Mar 2022 14:29:33 GMT
content-length: 7797

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BD98 52 KB
17 KB 26ms
25ms Document
text/html 184.30.24.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1424069
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-185.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 11 Mar 2022 14:29:35 GMT
Date: Thu, 10 Mar 2022 14:29:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 2DA7 0
819 B 50ms
49ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QKIBPBMCAIAAAMA1gAFAQjNlqiRBhDLt4yp16O_ik8Y3fGboaX0q7B0KjYJiUFg5dAiqz8RhLuzdtuFpj8ZAAAAgOtR_D8hhLuzdtuFpj8piUEJJNAxAAAAIIXr0T8wsuS9CTjRGECVCUhgULqDvpEBWPyna2AAaNOLhQF4y9gFgAEBigEDVVNEkgUG8N6YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALnQ-ACw8tZ6gIRaHR0cHM6Ly90cmliLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOi_SPgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjExNC4yMTUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqDvpEBiAUBmAUAoAXP64HoyNKQ63zABQDJBQAAAAAAAPA_0gUJCQAACQ5w2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYJIyzwP9AGr_EB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFJTBgAIAAwADi-BkAAyAfL2AXSBw0JEToYEAAYANoHBgknROAHAOoHAggA8AfDmwGKCAIQAA..&s=fac398ca25888b831f2ef2bcb9e51e192ab5522b&bdref=https%3A%2F%2Ftrib.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ftrib.com%2F,https%3A%2F%2Ftrib.com%2F,https%3A%2F%2Ftrib.com%2F&

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:33 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 213a54d0-3cc2-4981-8318-6f3b2c44703c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame F7A8 1 B
110 B 538ms
465ms XHR
text/plain 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=70738012206&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1424069&id2=268231784&id3=339059941&id4=728x90&id5=19886642&id6=3671963&id7=3153&id8=15510465&id9=1845880955988091094&id10=3099354&id12=%24ADLOOX_WEBSITE&id13=7251802305044805210&id20=614b730&p_d=0.447&d5=319&tc=&usp=&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=google_ads_iframe_%2F65889844%2Ftrib.com_728x90e_desktop_0%40https%3A%2F%2Ftrib.com%2F&iframe=3&fake=000000&resolution=1600x1200&nav_lang=en-US&debug=7%3A%20top%20%21%3D%20window%20%26%20friendly%20-%3E%20GLOBAL.location.href%20&url_referrer=https%3A%2F%2Ftrib.com%2F&ao=https%3A%2F%2Ftrib.com&nb_cpu=12&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: nginx/1.19.8 / PHP/7.4.28
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
access-control-allow-origin: https://trib.com
x-powered-by: PHP/7.4.28
route: ads-prod-645c4dcc74-gwzbr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
server: nginx/1.19.8
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin: *
expires: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 75DF 0
0 64ms
64ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstmArcKOp7eDIt3qYeOKMcvz-1113qQbYuZZHqBZm-745WYF_ywg4PIoCrbLC7W_13bJIb-hbCYYed85iMGSDoT_0AqQYQv57Vzj-rH1HG81RX94vNfnHG5P-3KiW64MUNEfqt0_ie89uAEm1L4kujyPDMCrnTLoOJC7beqxd2pGn27WQX02mud8546-AbSzPyJp5jssyZWFHx5KMmjYteZODKG5FRFQAFk087wGD__aBTFgB4gxNj0dT9dJ99vm4x3pyPdA2-eDIbn1g5R_DFA7ihJp1c-Qh7SuD4EH0bwy4yatvZiVAvH4CNS_TqBF6Gj6Q&sig=Cg0ArKJSzCUQ1wnWQB45EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 75DF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 735d4da3744fb8afe8031641d8f0a8fcefdc95a8a04f9b1f69a315db686c8ac3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame 2B33 1 B
448 B 455ms
436ms XHR
text/plain 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=98110892423&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1424069&id2=268231847&id3=340524592&id4=728x90&id5=19886642&id6=3671971&id7=3153&id8=15510467&id9=8385895617895266525&id10=5874741&id12=%24ADLOOX_WEBSITE&id13=1875353459393999688&id20=614b730&p_d=0.733&d5=136&tc=&usp=&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=google_ads_iframe_%2F65889844%2Ftrib.com_728x90g_desktop_0%40https%3A%2F%2Ftrib.com%2F&iframe=3&fake=000000&resolution=1600x1200&nav_lang=en-US&debug=7%3A%20top%20%21%3D%20window%20%26%20friendly%20-%3E%20GLOBAL.location.href%20&url_referrer=https%3A%2F%2Ftrib.com%2F&ao=https%3A%2F%2Ftrib.com&nb_cpu=12&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: nginx/1.19.8 / PHP/7.4.28
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
access-control-allow-origin: https://trib.com
x-powered-by: PHP/7.4.28
route: ads-prod-645c4dcc74-zmmzv
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
server: nginx/1.19.8
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin: *
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E48 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:29:34 GMT

GET
H/1.1 200
OK flping.php
lg3.media.net/ Frame 2DA7 35 B
322 B 44ms
44ms Image
image/gif 2.22.32.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/flping.php?pid=8PO15FLE3&prid=8PRVCXX19&gdpr=1&action=4&reason=63&cid=8CUL2446F&crid=211362147&cc=DE&ugd=4&requrl=https%253A%252F%252Ftrib.com&domain=trib.com&vi=1646922573336068924&hvsid=00001646922573811036481820164228&gdpr=1&vgd_end=1

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.22.32.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-22-32-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Server: Apache
Date: Thu, 10 Mar 2022 14:29:34 GMT
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 10 Mar 2022 14:29:34 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 75DF 0
834 B 37ms
37ms Ping
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QLTFvD9UwsAAAMA1gAFAQjMlqiRBhDF46yKkNGKnX4Y3fGboaX0q7B0KjYJhfTS7YLpzT8RNqKE6LeXxj8ZAAAAgOtR_D8hBVy49Zjdyz8pGHjuPVxy0j8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCUNLf8KMBWPyna2AAaNOLhQF4v9YFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NzEsIDE2NDY5MjI1NzIpO3VmKCdpJywgNjIyNDEwMCwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNzE4NDYwNyxCOwAwcycsIDI3MTQ3OTQzN0Y9ADByJywgMzQzNjgzMDI2Nh8A8LaSAoEPIWE1M1BOZ2l0X09jWUVOTGY4S01CR0FBZ19LZHJNQUE0QUVBQVNORUhVTExrdlFsWUFHQ05CR2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCQ1lNZnI5Y096RF9CQWNMMXhyNVNjdElfeVFFQUFBQUFBQUR3UDlrQmc0Yi1DUzVXNkRfZ0FlVHgtd0wxQWJaMllENllBZ0NnQWdHMUFnQUFBQUM5QWcBOdhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NElwcG5DSHhBTEdBSXRBATvYTG9EQ1VaU1FURTZOVEU1TWVBRDV5MkFCTDJRMmdlSUJMN0M3d2VRQkFHWUJBR3FCTlVIQ1BfXxUCCHdFURUMFF9fX0FSagEHDQEMOEJJUA0LAQEId0VvAQcRAQhBVEQRCxRfX184Qk8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EAB0c2dRS0NKdnB0QXdRaGF1TERib0VHZ2llQ1JHYW1aAQIQbkpQeGuhegkBJENDYjZiUU13UVMZIAg4a0UJHQEBGERZQkFEeEIBCw0BXGlBWEhLSkFGOGJ3eG1BV041Ym1CQWFrRg0fGEE4RC14QlERDjxBQXdRV0YyV0NvMGVINlA4CSgcSUNxendEX1IuKAAIMlFVDTXARHdQLUFGbC1FQjhBWGY3cGdJLUFXamotQUJnZ1lEUjBKUWlBWU9rQVlCbUFZQW9RWQ04LEFBQUtnR0JMSUdKQR3kAEIdzwRCawEmCQEAQx0YRExnR0NnLi6aApkBIUNSbWhXdzqFByhQeW5heUFBS0FBeAk-BQEANjK9BkBVRG5MVW1EaHY0SkxsYm9QMR1hAEYdeQBHPY0AMh0YAEgdMAxIZ0FpLpkH8NB3Li7YAudD4ALDy1nqAhFodHRwczovL3RyaWIuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA6L9I-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTE0LjIxNS4xMzGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA05NzcjRlJBMTo1MTkx2gQCCAHgBAHwBNLf8KMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAkOsNgFAeAFAfAFJ_oFBAgAEACQBgCYBgCiBg4zMTUzI0ZSQTE6NTMwMbgGAMEGAAUzKPA_0AblAtoGFgoQBRAdAVgQABgA4AYB8gZyCPG8MRJsS0JLSEdFdyGq2ERBQWtDQlFFSW41alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pjOWZRRFVPY3RXTFVwY1EBOwkBEGVBQ0JBXdZsaUFFQWtBRUFtZ0VDQ0FBLoAHAYgHAKAHAboHDwHJTBgAIAAwADi-BkAAyAe_1gXSBw0JEasBqAjaBwYJJ0TgBwDqBwIIAPAHw5sBiggCEAA.&s=70f6b655c3a737144e0582ca0af8a0d18a142aa6&type=nv&nvt=5&jm=1003&px=436&py=1120&bw=728&bh=90&sid=7175670301849930203&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19886642&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=6192&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:34 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 561780c7-4f28-4b4c-a1f9-a9f4d7e3e719
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 COMMON.css
c.evidon.com/a/ Frame F7A8 2 KB
984 B 19ms
18ms Stylesheet
text/css 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/COMMON.css?r=0.8771447309813647
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2017 16:26:10 GMT
server: AkamaiNetStorage
etag: "c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: text/css
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 715

GET
H2 200 box_19_top-right.png
c.evidon.com/icon/ Frame F7A8 109 B
400 B 18ms
18ms Image
image/png 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/box_19_top-right.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:18 GMT
server: AkamaiNetStorage
etag: "8c7c476ac28727b21040351fa3006c59:1360189518"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 118

GET
H2 200 ci.png
c.evidon.com/icon/ Frame F7A8 581 B
888 B 19ms
19ms Image
image/png 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/ci.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:44 GMT
server: AkamaiNetStorage
etag: "2697f4b848d2400cd051312585a6bf42:1360189544"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 604

GET
H2 204 pixel.gif
l.betrad.com/ct/0_0_0_153615/de/0/1/0/0/0/0/728/90/242/1267/0/ Frame F7A8 0
121 B 320ms
102ms Image
text/plain 54.163.163.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/ct/0_0_0_153615/de/0/1/0/0/0/0/728/90/242/1267/0/pixel.gif?v=2_1&ttid=2&d=trib.com&r=0.17361102617185065
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.163.51 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-163-51.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2DA7 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuEbdSEQMpZqdbqOmcJqsMot-W567thFdqOQBKQfIHyT2c_y7Od812dK3B3J0i4OcfkF-xt3AAkDBFPyGDmZbOxk6D4UzHl7blNhesNiU72AauQfujcLvuiuC17-oVlhp5Or_yjxB15XhCYEgGgROi31XJ_CdjvN9TX0VftzFUq5xMGDeTQWI1s6q_afTbjPogwRiK8ej4uZY9uxXknNsfaTlYP7WD7Qlb1WvfCcg0iRxm7_YcOTWsFjygCv-APBRwP93oST4VQMZofoDGfSYIyFQeHDq9qXFbiPFHyh3BzygHW_GG3j5xYM7AwmGgqL-Tz&sig=Cg0ArKJSzMmjGViDt6U_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 2DA7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3817d1144e677ecce497a958e192dc46403c0dddcb8b62ad8f661ae789a413ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 COMMON.css
c.evidon.com/a/ Frame 2B33 2 KB
984 B 20ms
19ms Stylesheet
text/css 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/COMMON.css?r=0.4294987048468122
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2017 16:26:10 GMT
server: AkamaiNetStorage
etag: "c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: text/css
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 715

GET
H2 200 box_19_top-right.png
c.evidon.com/icon/ Frame 2B33 109 B
400 B 19ms
19ms Image
image/png 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/box_19_top-right.png
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:18 GMT
server: AkamaiNetStorage
etag: "8c7c476ac28727b21040351fa3006c59:1360189518"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 118

GET
H2 200 ci.png
c.evidon.com/icon/ Frame 2B33 581 B
888 B 20ms
20ms Image
image/png 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/ci.png
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:44 GMT
server: AkamaiNetStorage
etag: "2697f4b848d2400cd051312585a6bf42:1360189544"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 604

GET
H2 204 pixel.gif
l.betrad.com/ct/0_0_0_153615/de/0/1/0/0/0/0/728/90/242/1267/0/ Frame 2B33 0
120 B 290ms
103ms Image
text/plain 54.163.163.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/ct/0_0_0_153615/de/0/1/0/0/0/0/728/90/242/1267/0/pixel.gif?v=2_1&ttid=2&d=trib.com&r=0.5949309049651526
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.163.51 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-163-51.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 2DA7 0
834 B 45ms
45ms Ping
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QLJBPBMSQIAAAMA1gAFAQjNlqiRBhDLt4yp16O_ik8Y3fGboaX0q7B0KjYJiUFg5dAiqz8RhLuzdtuFpj8ZAAAAgOtR_D8hhLuzdtuFpj8piUEJJNAxAAAAIIXr0T8wsuS9CTjRGECVCUhgULqDvpEBWPyna2AAaNOLhQF4y9gFgAEBigEDVVNEkgUG9F4BmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsPLWeoCEWh0dHBzOi8vdHJpYi5jb20vgAMAiAMBkAMAmAMXoAMBqgNBEhg4OTk1NDUwNTExNTA3MzU1MDg3X3NiaWQaEzU2OTg0NTc3MzE0OTE2MzQxMjMiCTMwNTEwMzI5MCoFTTExNzPAA6wCyAMA2AOi_SPgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjExNC4yMTUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqDvpEBiAUBmAUAoAXP64HoyNKQ63zABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAABT5kABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOL4GQADIB8vYBdIHDQkJNgk4CNoHBgknROAHAOoHAggA8AfDmwGKCAIQAA..&s=ae6aacff9d2a02ddb8ae4c23ad16f5c791fca885&type=nv&nvt=5&jm=1003&px=436&py=1120&bw=728&bh=90&sid=7175670301849930203&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19886642&sw=1600&sh=1200&pw=1600&ph=6192&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:34 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4c5d311a-8d63-4e90-8d74-6db9ae0104f7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 COMMON.css
c.evidon.com/a/ Frame 75DF 2 KB
984 B 19ms
18ms Stylesheet
text/css 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/COMMON.css?r=0.439634697410362
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2017 16:26:10 GMT
server: AkamaiNetStorage
etag: "c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: text/css
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 715

GET
H2 200 box_19_top-right.png
c.evidon.com/icon/ Frame 75DF 109 B
400 B 19ms
19ms Image
image/png 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/box_19_top-right.png
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:18 GMT
server: AkamaiNetStorage
etag: "8c7c476ac28727b21040351fa3006c59:1360189518"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 118

GET
H2 200 ci.png
c.evidon.com/icon/ Frame 75DF 581 B
888 B 19ms
19ms Image
image/png 104.90.181.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/ci.png
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.90.181.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:44 GMT
server: AkamaiNetStorage
etag: "2697f4b848d2400cd051312585a6bf42:1360189544"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 604

GET
H2 204 pixel.gif
l.betrad.com/ct/0_0_0_153615/de/0/1/0/0/0/0/728/90/242/1267/0/ Frame 75DF 0
120 B 256ms
103ms Image
text/plain 54.163.163.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/ct/0_0_0_153615/de/0/1/0/0/0/0/728/90/242/1267/0/pixel.gif?v=2_1&ttid=2&d=trib.com&r=0.1319050162802038
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.163.51 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-163-51.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame 75DF 1 B
108 B 731ms
731ms XHR
text/plain 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=15921425887&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1424069&id2=271479437&id3=343683026&id4=728x90&id5=19886642&id6=3671971&id7=3153&id8=17184607&id9=8385895617895266525&id10=6224100&id12=%24ADLOOX_WEBSITE&id13=9095629165348729285&id20=614b730&p_d=0.503&d5=219&tc=&usp=&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=google_ads_iframe_%2F65889844%2Ftrib.com_728x90h_desktop_0%40https%3A%2F%2Ftrib.com%2F&iframe=3&fake=000000&resolution=1600x1200&nav_lang=en-US&debug=7%3A%20top%20%21%3D%20window%20%26%20friendly%20-%3E%20GLOBAL.location.href%20&url_referrer=https%3A%2F%2Ftrib.com%2F&ao=https%3A%2F%2Ftrib.com&nb_cpu=12&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: nginx/1.19.8 / PHP/7.4.28
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:34 GMT
content-encoding: gzip
access-control-allow-origin: https://trib.com
x-powered-by: PHP/7.4.28
route: ads-prod-645c4dcc74-p96dd
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
server: nginx/1.19.8
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin: *
expires: 0

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8742 35 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 10:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 10:11:40 GMT

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame B0FF 15 B
397 B 33ms
32ms Script
text/javascript 2.22.32.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&&vgd_l2type=sca&v=1&gdpr=1&geo=50.98%7C11.03&dlper=20&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170785151&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_fm_lang=DE&vgd_dnquo=01_9&ksu=243&fdkt=350&vgde_kbbh=ffoNu9&kwd[]=Nintendo+2DS+gebraucht+kaufen&kwt[]=350&kbc[]=178947&kwp[]=1&kid[]=329589446&kbc2[]=178947%7C%7C%7C%7Crps%3D0.24%7C%7Cps%3D0.843%7C%7Crpc%3D0.04%7C%7Clvl%3D1.00&ktd[]=281749871591680&ktrkt[]=Nintendo+2DS+gebraucht+kaufen&kwd[]=Nintendo+Switch+kaufen&kwt[]=350&kbc[]=178947&kwp[]=2&kid[]=326673584&kbc2[]=178947%7C%7C%7C%7Crps%3D0.24%7C%7Cps%3D0.843%7C%7Crpc%3D0.20%7C%7Clvl%3D1.00&ktd[]=281749871591680&ktrkt[]=Nintendo+Switch+kaufen&kwd[]=Nintendo+DS+bestellen&kwt[]=350&kbc[]=178947&kwp[]=3&kid[]=130310222&kbc2[]=178947%7C%7C%7C%7Crps%3D0.23%7C%7Cps%3D0.843%7C%7Crpc%3D0.10%7C%7Clvl%3D1.00&ktd[]=281749871591680&ktrkt[]=Nintendo+DS+bestellen&kwd[]=Nintendo+Wii+g%C3%BCnstig+kaufen&kwt[]=350&kbc[]=178947&kwp[]=4&kid[]=329589447&kbc2[]=178947%7C%7C%7C%7Crps%3D0.80%7C%7Cps%3D0.843&ktd[]=282299627405568&ktrkt[]=Nintendo+Wii+g%C3%BCnstig+kaufen&cid=8CUL2446F&vwid=1646922573336068924&vi=1646922573336068924&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D31103&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785151&vgd_nrrv=54610&vgd_nrrmf=1c848&vgd_nrrsf=scrr&vgd_cty=erfurt&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1646922573111455351&sttm=1646922573811&upk=1646922574.23503&hvsid=00001646922573811036481820164228&verid=3111299&vgd_matchstr=bcat%3Dnull%7Ccsh%3D1&sbdrId=99&vgd_ecrid=305103290&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&kbbq=%26asn%3D31103&&vgd_vstrid=DefVid&vgde_bdata=~QJjjJLM71yM8OvuiWWFFHf~Q7OvuiWWFFHf~875EJvK00I4tPb~e8Q8G8j875v9~N875vRDKC4~LJkMNz7vu~LM8Evfuh.uuH.fuX.9~LMQNvIV~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1uv9~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHvu9~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvWX~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9f~OYYMOfAv9~OYYMOfHvX~OYYMOfXv9~OYYMOfFv999~OYYMOfhv9~OYYMOfWvu~OYYMOfivk1jQJ~OYYMOA9vu~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9~OYYMOXuv9~OYYMOXfv9~OYYMOXAv9999~OYYMOXFv9~G-MQyY7vJYE75~QyY7vJYE75~G-MLENv99u999u~G-M8z7YOv9~G-My8zQxv9~G-MLQEvv9~G-MQ8lJvhfW-i9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~OYYMjv9.9ff~OYYMLv9.iWF~JMLEYv9.fuA~OYYMYuv9.fuA~OYYMYfv9.9uA~OYYMYAvu.999~OYYMYhvu.FAX~OYYMYu9vu.999~OYYMYuuv9.iWu~OYYMYufvu.FAX~OYYMYuHvu.999~OYYMYuXvu.99H~OYYMYuFv9.iWF~OYYMYfuvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAAvu.999~OYYMYAHvu.999~OYYMYAivfh.999~OYYMYH9vfh.999~OYYMYHHvu.99H~OYYMYHhvuhFHH.999~OYYMYHWvHAHAFuh.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.fuA~eGLv9~G8Ov9.ff9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8OvuiWWFFHf~e8JB1G8j875v9.WhAufh~NGOEv9.9XA~OYYvw1LYmz5~8zQjv9~O7NvJxMGJ~LJkMNz7vu~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.ff9~QJjjJLM71yM8OvuiWWFFHf~N1LL8JLVOv9~ONx7vhX~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=200610&vgd_scsver=154&vgd_l2ch=0&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001646922573811036481820164228&subBdr=99&bdrid=9&fp=mQ_JNlFGhl1o6VM4lWqn-gVp4j0_6kgQY5CxUm-cpVR2oxdpl5QHDG2B9e9IvEaJFLX7S1-Y52mWsFyrT4IBq3AoVxRFfEhJS7ClHwCFSXU4QcruiLqpfoSeYay_6QQW8brxH3SpWeg%3D&cme=6Fbd82Rb9Qzjr41FKHPFEliOfEAD2pbKL_h-aH_ZdzkNxCYqbKvSa8IrS88n9qDW-bSHzN_ucz0IRYxKrIwreTllCDt_0MNYnkTcDZztOlGh3IIGsa8GGeoiEPJU82Zd0CoLbCOXNYTsfL1K8-1ZqMHq4uWNYz6Fosk7xkAMgugqysnXM9f6df7whLCsNX0sarJqgKYIyBuxTwwipg_pcHRy_OrnFwVN%7C%7CMhSffBRfuCOyCp4u_bjS9Q%3D%3D%7Chh7J1FBzUkmLNl36GD1mqSw6iSRse0jpFle8oALcGFLuuK8w0GlHhYLyiNGTICYRaxUtbQeKEOeB832wC3NRAljRFl4snKvPQHzdszD5BZEkmy-RyFjsXb1UvT1opYMg2gDPhFw6limqRVJagt8e-QQTXyIZjaIS7C6LEVShMUBDhJcj1qFNZwV-EFestIeQO2C3mbYtFyODcqfdYBRSNdBlS8da8bDN%7CECZQquDAdXO219s_zvdUcg%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7CgNTUc7MBYV04UVzmztpDDQ%3D%3D%7Ca0AmFUYXmD69E-EZitIgG6Kxxve82XnCFoNzurAGuww%3D%7C&rc=0&rand=1646922574167&acid=61fbddadb01047ffab92f01b25a1da2a&matm=1646922574167&requrl=https%3A%2F%2Ftrib.com&vgd_x_pos=436&vgd_y_pos=1120&vgd_ren_page_h=6192&vgd_ltime=567&vgd_ltimesrc=1&vgd_l1hcsd=N9%7C1646&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=3140&vgd_pgid=p0170301996t202203101429&vgd_csip=rtb-common-6bd948ffdb-4knwf.BE&vgd_sbSup=1&vgd_nrrs=54610&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F65889844%2Ftrib.com_728x90i_desktop_0__container__%7CDIV-div-gpt-ad-saambaa728x90x1-8&oRurl=adomain%3Dhttps%253A%252F%252Fcontent.businessinfoline.com%26adt1%3D8CU6M287B%26adt2%3D856004011%26bdrId%3D9%26cb%3Dwindow._mNDetails.initAd%26cc%3DDE%26chnm%3DHARMONY%26cid%3D8CUL2446F%26cpcd%3DXwoV-NCuQXHq_FbmS-SljQ%253D%253D%26crid%3D211362147%26gdpr%3D1%26https%3D1%26katbid%3D-103%26katpre%3D1%26lw%3D1%26matchstring%3Dbcat%253Dnull%257Ccsh%253D1%26nb%3D1%26nse%3D5%26ntv%3D0%26pid%3D8PO15FLE3%26requrl%3Dhttps%253A%252F%252Ftrib.com%26size%3D728x90%26tcf_cmp%3D1%26tpid%3DT92M8NE%26ugd%3D4%26vif%3D1&vgd_end=2

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.22.32.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-22-32-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Server: Apache
Date: Thu, 10 Mar 2022 14:29:34 GMT
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 15
Expires: Thu, 10 Mar 2022 14:29:34 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4E48 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukCFY64wvKqIVE_3TOJrUyqlOsaQY-Avh_h2AJlSMmx6Poc1_BQLWDQKfwvpqPjvCtVQWagxGBGg5-Y3K1Asc&sig=Cg0ArKJSzD80BMUEo9frEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&app=0&itpl=33&adk=533717427&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922573180&rpt=282&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F7A8 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZx61Ba74sjgMt5y-8xf2c6xw04zPxDFtjVp4yt3IxjM6Oa0Mxw6H_XTbwmL4IyP1mr_DVaAyQ55jTjsRgDtTrfb8eFaiQt5HnxfQjEhNQZTiUM3Oi&sig=Cg0ArKJSzN5AsmviUdNKEAE&id=lidar2&mcvt=1001&p=1120,436,1210,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=2920569117&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922573157&rpt=580&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B33 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjY0v2hxPs2RPUHGnJyRtntOugNyJxBz5mrinS4duXp_r-CrGLmhytmRlQlfaGzvQujEGWGjQF-SwAMYE8yRjWrnyUg346nowo22xgBybwPVD3o_Q-&sig=Cg0ArKJSzKQ4Ym7f0dP7EAE&id=lidar2&mcvt=1002&p=1120,436,1210,1164&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=2192087926&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922573108&rpt=657&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame F7A8 0
834 B 53ms
52ms Ping
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QLnDPD9ZwYAAAMA1gAFAQjMlqiRBhDa7Les5fjk0WQY1sHQurHe-M4ZKjYJIOX4wPly1z8REqUTJwy20T8ZAAAAgOtR_D8hT-bdYMFA1j8pn6ut2F923T8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCUOXJ1qEBWPyna2AAaNOLhQF44dUFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NjMsIDE2NDY5MjI1NzIpO3VmKCdpJywgMzA5OTM1NCwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNTUxMDQ2NSxCOwAwcycsIDI2ODIzMTc4NEY9ADByJywgMzM5MDU5OTQxNh8A9F4BkgKVBSFDSVl3a2dqc3Nmb1hFT1hKMXFFQkdBQWdfS2RyTUFBNEFFQUFTTkVIVUxMa3ZRbFlBR0JlYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFFVUlZdGVMV2pXUDhFQkRnSG81SEIyM1RfSkFRQUFBQUFBQVBBXzJRR0RodjRKTGxib1AtQUIycFc5QWZVQlpVR3pQcGdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdpSXJPY1pFQXNZQWkwQUFBQUF1Z01KUmxKQk1UbzBORE15NEFQbkxZQUVxWkRhQjRnRXdvM29CNUFFQVpnRUFiSUVDZ2liNmJRTUVJV3JpdzJ5QkFvSXU0R3lBeENGcTRzTnVnUWFDTzBJRVRNek16TXpNLU1fR1FBQUFBAeFUQUFJTHVCc2dPNkJCb0luZ2tSbXBtWgECDHlUOFoJIgUBIGdtLW0wRE1FRREgEDZUX0pCBRsJARQyQVFBOFExOQFZVGdGMENLUUJmRzhNWmdGNk1qemY2a0YBGwEBEDhELXhCHS80d1FVYmNaMDFzeTcxUDgJKBw0TWZzMERfUi4oAAgyUVUBP9BBQUFEd1AtQUYwLWNDOEFYQjE3SUgtQVdiai1BQmdnWURSMEpRaUFZT2tBWUJtQVlBb1FZQQE2BQEkS2dHQkxJR0pBawUPBQEEQkUFBwUBBEJrBQcFAQBDHRhETGdHQ2cuLpoCmQEhRFJsc1ZROpkCKFB5bmF5QUFLQUF4BT0JAVw2Q1VaU1FURTZORFF6TWtEbkxVbURodjRJVQAxHWEARh15CEdHYSGJFG1abnBQMh0YAEgdMBBIZ0FpUREQ9BcBRHdQdy4u2ALnQ-ACw8tZ6gIRaHR0cHM6Ly90cmliLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOi_SPgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjExNC4yMTUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQNOTc3I0ZSQTE6NDQzMtoEAggB4AQB8ATlydahAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYOMzE1MyNGUkExOjQ2NTS4BgDBBgAAAAAAAPA_0AblAtoGFgoQAAkSFQFYEAAYAOAGAfIGcgjxvDESbEhCTDBGa3chq9hEQUFrQ0JRRUluNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqYzlmUURVT2N0V0s0a2NRATsJARBlQUNCQV3WBGlBhX5QQW1nRUNDQUEugAcBiAcAoAcBugcPAclIGAAgADAAOL4GQADIB-HVBdIHDRX1GBAAGADaBwYJJ0TgBwDqBwIIAPAHw5sBiggCEAA.&s=95bb09c26845b61d1021e9c483489fd4359d65c3&type=pv&jm=1003&px=436&py=1120&bw=728&bh=90&sf=0.89&sid=7175670301849930203&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19886642&cid=3&cr=nv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:34 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8b8d2bcd-58ef-4da6-a64d-d75ab59f2991
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 2B33 0
834 B 25ms
25ms Ping
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QLnDPD9ZwYAAAMA1gAFAQjMlqiRBhDI5uq7kIGmgxoY3fGboaX0q7B0KjYJ5GAtF4dbxT8RdM_TqJ8hwD8ZAAAAgOtR_D8hnqGUHdbswT8pXfksz4O7xz8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCULD8r6IBWPyna2AAaNOLhQF4mtkFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NzEsIDE2NDY5MjI1NzIpO3VmKCdpJywgNTg3NDc0MSwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNTUxMDQ2NyxCOwAwcycsIDI2ODIzMTg0N0Y9ADByJywgMzQwNTI0NTkyNh8A8LaSApUFIU9vTU1tUWp1c2ZvWEVMRDhyNklCR0FBZ19LZHJNQUE0QUVBQVNORUhVTExrdlFsWUFHQ05CR2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCcGtsZzlIME13al9CQVN2MFdoaHd1OGNfeVFFQUFBQUFBQUR3UDlrQmc0Yi1DUzVXNkRfZ0FiWEk1Z0wxQVFBQUFELVlBZ0NnQWdHMUFnQUFBQUM5QWcBOdhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NElsYXpuR1JBTEdBSXRBATvwZUxvRENVWlNRVEU2TlRJNU9lQUQ1eTJBQkxQcjRRZUlCTGJyNFFlUUJBR1lCQUd5QkFvSW0tbTBEQkNGcTRzTnNnUUtDTHVCc2dNUWhhdUxEYm9FR2dqdENCRXpNek16TXpQalB4awFqCQFMQ0M3Z2JJRHVnUWFDSjRKRVpxWm0BAhBja19HUQkjAQEkSUp2cHRBekJCSg0gEGVrX3lRHSEYTmdFQVBFRQEsCQFYQ0lCYk1wa0FYeHZER1lCYWZKODMtcEIRMxRQQV9zUVUJKwEBCE1FRgEHAQEMNERfSgUoHEdCOUROSV8wLigABE5rFSjAOERfZ0JlMlFBZkFGdzlleUJfZ0ZvNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHQQFdOEFBQTRELW9CZ1N5QmlRSgEQDQEAUg0IAQEAWgEFDQEAaA0ISEFBQUM0QmdvLpoCmQEhRWhwbXA-mQIoUHluYXlBQUtBQXgBLwEBDDREODYy0QFAVURuTFVtRGh2NEpMbGJvUDE9NARGawEzCQEIR0dhJYkQWm5wUDIdGABIHTAMSGdBaS6tAvDQdy4u2ALnQ-ACw8tZ6gIRaHR0cHM6Ly90cmliLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOi_SPgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjExNC4yMTUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQNOTc3I0ZSQTE6NTI5OdoEAggB4AQB8ASw_K-iAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAJDrDYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYOMzE1MyNGUkExOjUzMDa4BgDBBgAFMyjwP9AG5QLaBhYKEAUQHQFYEAAYAOAGAfIGcgjxvDESbExSSXhHVXchddhEQUFrQ0JRRUluNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqYzlmUURVT2N0V0xvcGNRATsJARBlQUNCQVHieEFBQWlBRUFrQUVBbWdFQ0NBQS6ABwGIBwCgBwG6Bw8ByUwYACAAMAA4vgZAAMgHmtkF0gcNCRGrGBAAGADaBwYJJ0TgBwDqBwIIAPAHw5sBiggCEAA.&s=633571da0c21ecfc217bc28aedb32b432a6b53e4&type=pv&jm=1003&px=436&py=1120&bw=728&bh=90&sf=0.89&sid=7175670301849930203&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19886642&cid=3&cr=nv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:34 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b381f84d-e093-4da9-a0b3-53cd80d65276
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 log
hblg.media.net/ Frame 2DA7 35 B
194 B 26ms
26ms Image
image/gif 104.108.144.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=8995450511507355087&s_city=frankfurt+am+main&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&usp_status=0&og_cbdp=0.220&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=5f59afe1&scrid=305103290&itypeid=16&mx_SPRIG=0&viewability=87&renderer=0&be=0&rtime=7.0&adj0=0.0&tmax=150&s_ip=37.252.172.39&adj2=0.0&adj1=0.0&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&reqid=8995450511507355087&sc=NI&mowxReqId=61fbddadb01047ffab92f01b25a1da2a_1&ifdp=0&requrl=https%3A%2F%2Ftrib.com&bidrestime=1646922573302&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-11-23&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.220&ct=Brake&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=31103&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=trib.com&dt=O&acid=61fbddadb01047ffab92f01b25a1da2a&actltime=12&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.053&sckfl=1&dmm_erpm=true&mx_lr=0&coppa_applied=N&smbrid=3153&bfs=103&rfc=1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=305103290&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2316%23%2343&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1646923173554&dnt_status=N&reftype=0&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.053&csex=0&pvdTmax=109&ltime=12.0&epc=211362147&prvReqId=32719168092957_919901108_856004011191&zip=26919&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1424069&brsrclk=0&sbdrid=99&rtttime=17&apTags%3C%3E=75&mx_PC=1&wsip=mowx-696cff9547-7q2lv&currsrc_date=2022-03-08+00%3A00%3A00&mx_divid=19886642&geoll=false&debug_ts=2022-03-10+14%3A29%3A33&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=NEXUS&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=19886642&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&pid=8PR113JGC&spTo=3&ecp=1.77&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-6bd948ffdb-4knwf.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19886642&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.22&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=19886642&opbidflr=0.000&impId=5698457731491634123&rme=adm&bdata=~seller_tag_id%3D19886642~std%3D19886642~itype%3DAPPNEXUS~visibility%3D0~city%3DBRAKE~ref_cnt%3D1~r_ip%3D217.114.215.0~r_sc%3DNI~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_a1%3D0~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D85~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.02~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3D0~dmm_d26%3D000~dmm_d27%3D0~dmm_d28%3D1~dmm_d29%3Dfalse~dmm_d30%3D1~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0~dmm_d51%3D0~dmm_d52%3D0~dmm_d53%3D0000~dmm_d56%3D0~bx_sgmt%3Dempty~sgmt%3Dempty~bx_rpc%3D0010001~bx_intmd%3D0~bx_ginsu%3D0~bx_rsp%3D%3D0~bx_size%3D728x90~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.022~dmm_r%3D0.986~e_rpm%3D0.213~dmm_m1%3D0.213~dmm_m2%3D0.013~dmm_m3%3D1.000~dmm_m7%3D1.635~dmm_m10%3D1.000~dmm_m11%3D0.981~dmm_m12%3D1.635~dmm_m14%3D1.000~dmm_m15%3D1.004~dmm_m16%3D0.986~dmm_m21%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m33%3D1.000~dmm_m34%3D1.000~dmm_m39%3D27.000~dmm_m40%3D27.000~dmm_m44%3D1.004~dmm_m47%3D17644.000~dmm_m48%3D4343617.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.213~vbr%3D0~bid%3D0.220~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19886642%7Eviewability%3D0.873127%7Ecbdp%3D0.053%7Edmm%3Dharmony%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.220%7Eseller_tag_id%3D19886642%7EcarrierId%3D0%7Edcut%3D75%7Edogb%3D0-1~ibc%3D1~&evttyp=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-24.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:35 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 75DF 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTG3mAJVXWTI8Vk2kh7AGEnjfaFiNDUqVTPXjy3aIjUb3uPLcO7qoc0Jh8CL2rQiLCGkaxgU2pcjliejOFOd5RU21jaE92m-pIb_dCi6ga5V_tiXrN&sig=Cg0ArKJSzJRo5e2DwIXJEAE&id=lidar2&mcvt=1000&p=1120,436,1210,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=719928629&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922573397&rpt=561&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 75DF 0
834 B 20ms
20ms Ping
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QLTFvD9UwsAAAMA1gAFAQjMlqiRBhDF46yKkNGKnX4Y3fGboaX0q7B0KjYJhfTS7YLpzT8RNqKE6LeXxj8ZAAAAgOtR_D8hBVy49Zjdyz8pGHjuPVxy0j8xAAAAIIXr0T8wsuS9CTjRGEDRB0gCUNLf8KMBWPyna2AAaNOLhQF4v9YFgAEBigEDVVNEkgEDVVNEmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NzEsIDE2NDY5MjI1NzIpO3VmKCdpJywgNjIyNDEwMCwgMTY0NjkyMjU3Mik7dWYoJ2cnLCAxNzE4NDYwNyxCOwAwcycsIDI3MTQ3OTQzN0Y9ADByJywgMzQzNjgzMDI2Nh8A8LaSAoEPIWE1M1BOZ2l0X09jWUVOTGY4S01CR0FBZ19LZHJNQUE0QUVBQVNORUhVTExrdlFsWUFHQ05CR2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCQ1lNZnI5Y096RF9CQWNMMXhyNVNjdElfeVFFQUFBQUFBQUR3UDlrQmc0Yi1DUzVXNkRfZ0FlVHgtd0wxQWJaMllENllBZ0NnQWdHMUFnQUFBQUM5QWcBOdhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NElwcG5DSHhBTEdBSXRBATvYTG9EQ1VaU1FURTZOVEU1TWVBRDV5MkFCTDJRMmdlSUJMN0M3d2VRQkFHWUJBR3FCTlVIQ1BfXxUCCHdFURUMFF9fX0FSagEHDQEMOEJJUA0LAQEId0VvAQcRAQhBVEQRCxRfX184Qk8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EAB0c2dRS0NKdnB0QXdRaGF1TERib0VHZ2llQ1JHYW1aAQIQbkpQeGuhegkBJENDYjZiUU13UVMZIAg4a0UJHQEBGERZQkFEeEIBCw0BXGlBWEhLSkFGOGJ3eG1BV041Ym1CQWFrRg0fGEE4RC14QlERDjxBQXdRV0YyV0NvMGVINlA4CSgcSUNxendEX1IuKAAIMlFVDTXARHdQLUFGbC1FQjhBWGY3cGdJLUFXamotQUJnZ1lEUjBKUWlBWU9rQVlCbUFZQW9RWQ04LEFBQUtnR0JMSUdKQR3kAEIdzwRCawEmCQEAQx0YRExnR0NnLi6aApkBIUNSbWhXdzqFByhQeW5heUFBS0FBeAk-BQEANjK9BkBVRG5MVW1EaHY0SkxsYm9QMR1hAEYdeQBHPY0AMh0YAEgdMAxIZ0FpLpkH8NB3Li7YAudD4ALDy1nqAhFodHRwczovL3RyaWIuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA6L9I-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTE0LjIxNS4xMzGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA05NzcjRlJBMTo1MTkx2gQCCAHgBAHwBNLf8KMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAkOsNgFAeAFAfAFJ_oFBAgAEACQBgCYBgCiBg4zMTUzI0ZSQTE6NTMwMbgGAMEGAAUzKPA_0AblAtoGFgoQBRAdAVgQABgA4AYB8gZyCPG8MRJsS0JLSEdFdyGq2ERBQWtDQlFFSW41alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pjOWZRRFVPY3RXTFVwY1EBOwkBEGVBQ0JBXdZsaUFFQWtBRUFtZ0VDQ0FBLoAHAYgHAKAHAboHDwHJTBgAIAAwADi-BkAAyAe_1gXSBw0JEasBqAjaBwYJJ0TgBwDqBwIIAPAHw5sBiggCEAA.&s=70f6b655c3a737144e0582ca0af8a0d18a142aa6&type=pv&jm=1003&px=436&py=1120&bw=728&bh=90&sf=0.89&sid=7175670301849930203&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19886642&cid=3&cr=nv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:35 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 79227f3d-f443-4e9c-a4d1-c195e2befa8b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2DA7 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFNd7sz_1Z1S2tsLVK7jYrx2zkQuatWYvs16rn2tf4k9wXa2-JBAzMHNoBRI5IKXbw2GuMFnq5dneC5tSvXm4GHcFkVJAJgs1awisBI6w50AMfO1eZ&sig=Cg0ArKJSzCAdCAulBayTEAE&id=lidar2&mcvt=1000&p=1120,436,1210,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=4028002665&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922573607&rpt=442&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 2DA7 0
834 B 22ms
21ms Ping
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftrib.com%2F&e=wqT_3QLJBPBMSQIAAAMA1gAFAQjNlqiRBhDLt4yp16O_ik8Y3fGboaX0q7B0KjYJiUFg5dAiqz8RhLuzdtuFpj8ZAAAAgOtR_D8hhLuzdtuFpj8piUEJJNAxAAAAIIXr0T8wsuS9CTjRGECVCUhgULqDvpEBWPyna2AAaNOLhQF4y9gFgAEBigEDVVNEkgUG9F4BmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsPLWeoCEWh0dHBzOi8vdHJpYi5jb20vgAMAiAMBkAMAmAMXoAMBqgNBEhg4OTk1NDUwNTExNTA3MzU1MDg3X3NiaWQaEzU2OTg0NTc3MzE0OTE2MzQxMjMiCTMwNTEwMzI5MCoFTTExNzPAA6wCyAMA2AOi_SPgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjExNC4yMTUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqDvpEBiAUBmAUAoAXP64HoyNKQ63zABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAABT5kABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOL4GQADIB8vYBdIHDQkJNgk4CNoHBgknROAHAOoHAggA8AfDmwGKCAIQAA..&s=ae6aacff9d2a02ddb8ae4c23ad16f5c791fca885&type=pv&jm=1003&px=436&py=1120&bw=728&bh=90&sf=0.89&sid=7175670301849930203&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19886642&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:35 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3a05f237-e202-418a-a281-bac6f32dbb4f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/ Frame C046 294 KB
106 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com&bust=31065595

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5bb8b3a217ffae9a01543f6ca655af5dc4d01ccf05b2bdd3551558654ae5415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108377
x-xss-protection: 0
server: cafe
etag: 3123070418808643221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
DATA 200
OK truncated
/ Frame C046 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9eef46ae43e6d734296c524fb7f9c792b169f4c58810aa1fcb78afe8e4b772b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ Frame DAD8 292 KB
105 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c186340fdcfb3085855342fbc22c93d9d003ee2d40fae72c447393ab23fd1014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107532
x-xss-protection: 0
server: cafe
etag: 5488547916897653269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
DATA 200
OK truncated
/ Frame DAD8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b23a2c9e5f164c3e601e94398c2ad8ee786120092553ae36570ff84d1ad3700b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/ Frame AF95 294 KB
106 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com&bust=31065575

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5bb8b3a217ffae9a01543f6ca655af5dc4d01ccf05b2bdd3551558654ae5415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108377
x-xss-protection: 0
server: cafe
etag: 3123070418808643221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
DATA 200
OK truncated
/ Frame AF95 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12edbb86243673ca2dc913330339b569246e82a3b263831f95e3eb01a6012ae7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ Frame 76C9 292 KB
105 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aa8374b1a84ef714153d1a4cfe234813ff6c118c3cafe545a6b8fd5d9c2d57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107520
x-xss-protection: 0
server: cafe
etag: 11400439825139180766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
DATA 200
OK truncated
/ Frame 76C9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bd5f897afc6ea6580028e3f1b917687c9f0ffd8b51be7441e60119269719b5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/ Frame 0E3A 294 KB
106 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com&bust=31065567

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2aaac2e5546c4d49c6074b59f4d547b8261e26712fef98738c6cd5ca309fae24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108467
x-xss-protection: 0
server: cafe
etag: 17225519855498979083
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
DATA 200
OK truncated
/ Frame 0E3A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84be9ee2d573d23eeda3d90492f4aedb38dc0d37452fd7d0a7f952ed08e63518

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/ Frame 2F46 294 KB
106 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com&bust=31065567

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7987b43045b32d105c0a7278d2c18e8d3ec635d5fe379c1846f640800bae19b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108462
x-xss-protection: 0
server: cafe
etag: 352360727348259656
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
DATA 200
OK truncated
/ Frame 2F46 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf27eae0a10b7396f5c10ba259cf31223f465d9eb3c1fa1e13add046e453b18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame C046 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuwewKeDyeBik6MKa5139Jh_oVI8zUzO90ZxK3bgBYRWJ0rgrW4tvdZDwqslMFAH3_IYAj3rVL0SDbdx0OO2KE6Cc0IamejU_qEbd5L9jU1laIk2hjFuj3hYtLkBE5661KrDeJq7-7iUjL8Xrgw4W48bXsa6H-byQqmj92Ft46vlUId_wjwIFF9G90UGyHfloa1txDyEFkBol3YpDk2a2Z4GtsQqwzT0U-_MQlbqEZIko0K_PC66FDYJximtk4pYBbh29etrVnI2s7cPL-expbMXpCx8-dosVKz_MD4LJLNM5c6UH_oUiQgsAZow_Vh3Q&sig=Cg0ArKJSzJXUAkLC5LFKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame DAD8 0
0 41ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst2DcKAvrWWg2HL4axIawRN-_3RgtWvipigZHf8UbrezchwMpWtTe7_zFkGJv6x3PUuchgPPnvRrkUrtwQOQscu3nvl2uy2fS_4TPIRv5wLU1wzbCZYPB405rJBMSW0YdwCpjZolHDKJz2BTKI_dlNWCJmKav579bqEIar2nTM2kTHYsjkAaBGx0bKq3wh3fQ7atW6_Q3IKRc7kXHLFVfumcbv8wMVbW505tGqpUUMxECCxqGAqsMnDQ2f7xtdduofBiUTk9Fq85p9ibXD4-JlgNXbFeup8ghD0QnK608_BA6wK4iRIQufsmEaEdITOsQ&sig=Cg0ArKJSzJjgxxgXt8h9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 76C9 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuX4ggb8citNw2NtwBXoy5ds-xdX3B3IytnJ4s2vfD_aD9fenUqLX_d2rM-c_cX5K-sZbJYWreVjyZAPEYCH0ZjvwAbxcauK-H5GF6lpnDTzkbND8oE28NYdoeduyW4t1kGqRqsFEGJX3J9W7LjcsAEAzFEc0WFAM9TkvHXAkZjjmGb4dOkAwvVqpMbe7Tic6QcU2WNiY_NAkYIOI0a2fZv_QOIgIAnCJDArHSJo65NqNCdKU5TGsn19DDBlTRiyNqd7A8WgLMQRKQh9JTqwav0VQc-KfNlzvXwAeRZFUFBHC1fgKyikCQX241lUwklyw&sig=Cg0ArKJSzJ1BY7sXZ9ixEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame AF95 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuq4m_YLtcfAaaZNFXTLwj2WetBPgFt8fF8ElOpO068xYUWqkhBa-VM3oDDN2xecoTehvVc37LNxXdf6LKUdg5ZZj8-TyyvQGw-147YXdvz6KPGVaNiu166EA60nFJ_38DZlmjTtlsKqZeR7e5pRgLZJnWJ-E1NGX-pd4OHVaFjOG8IatdBBOHjhQboOStNhNpFxu8vG4qQ9dHwfTC-pj_eg70tBY85tjGb2DypJqrGUR43qUdM2VqN2i_isggTs756PKebD6lCE20UJ50gEHi5RFWFMe-iaGCK0fkzlUUBdhQN3jItl6mIRKeRleOsnA&sig=Cg0ArKJSzPd2X9jQZWtMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame F7A8 0
263 B 19ms
19ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=4129829b29bc460fb94808e805bef00f&nav_pltfrm=Linux%20x86_64&cbust=1646922575506992
Requested by: Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal75.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:35 GMT
Vary: Origin
Access-Control-Allow-Origin: https://trib.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/09/2022 14:29:35

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0E3A 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssMN30QX5fwoVC1ia0BgfSVnb6Xys8kjwlcW0Xcx1uRpEIdtcr6IRLhJ57w8ulZXRDcuFESFufT0Un0mrfYDD-ZOx-mB2qDbear_iaIyDvz0kZESEBNWQuUMGEDRh2YkxCevVr0nKTJstH4QYeYEa_MFukwqWgPg_FcdETI6_VnhGT6Q4oxqfLcbMU2YYxMG8Y9kOK89ZzmAv8DRC3--4FtYVULoR9u8E_p69m1nFlY4BbPNsoKYNTxwArQya2P34bm6xDZVxLf0_vwK3Uh6OASXpW-J4YKzNZd8hRbU5Zgq-voPRhzWqOCFWi5sNNH&sig=Cg0ArKJSzBgmkaejpA5kEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2F46 0
0 66ms
66ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvIsEWM2ML2lWMRCApJ89EOJGzHMPM-VyGS8DkTzOqVYSRUYNgWpSzxjKD1yLFVNzV9cgSUxZ7KdpjDZgUHVm6y-_pWTgnhnwhggh1UOrj6ecFO9caQBKsUNJ4Hg95voIzGPlOutMwWjKUlqGeAshsf6l8FK9Kuaz09l5RV4BPkJWT4OI0xZ-k19vyrG0OQTUYdzSRzucL6M5_X4qrOKghQVbfFew_OAbFH35RWTysV6wELdjgD0WWYpO3dPXpacI9KaQiRyKZafKtWtHqEr6OXz7_L9kikSHdYF_BUgIjfzFj3oR26IvE-fqvsej8__w&sig=Cg0ArKJSzDo5xCP21G18EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:29:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 75DF 0
263 B 34ms
34ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=bc9cda281d8441468fa00e5691b1d6a5&nav_pltfrm=Linux%20x86_64&cbust=1646922575615992
Requested by: Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal75.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:35 GMT
Vary: Origin
Access-Control-Allow-Origin: https://trib.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/09/2022 14:29:35

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 735B 0
0 33ms
32ms Document
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13401719
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:29:35 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap7ams1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2A3D 15 KB
6 KB 75ms
19ms Document
text/html 184.30.24.198

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=59774
expires: Fri, 11 Mar 2022 07:05:49 GMT
date: Thu, 10 Mar 2022 14:29:35 GMT
vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 3B84 0
0 32ms
22ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e9cbe52ec5b9bf5-FRA

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame F820 0
0 705ms
119ms Document
text/plain 67.202.105.23

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 -, , ASN (),
Reverse DNS
Software: 33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Thu, 10 Mar 2022 14:29:36 GMT

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 1026 0
0 30ms
23ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e9cbe52ec5d9bf5-FRA

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame AC6D 0
0 30ms
30ms Document
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13401719
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:29:35 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap7ams1

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame C99F 3 KB
2 KB 73ms
18ms Document
text/html 184.30.24.241

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Thu, 10 Mar 2022 14:29:35 GMT
Connection: keep-alive

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A6D2 15 KB
6 KB 69ms
20ms Document
text/html 184.30.24.198

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=59774
expires: Fri, 11 Mar 2022 07:05:49 GMT
date: Thu, 10 Mar 2022 14:29:35 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame DB1B 926 B
1 KB 605ms
33ms Document
text/html 104.17.120.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id: 15DG7FS62Q387667
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 6038
Expires: Thu, 10 Mar 2022 15:29:36 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e9cbe567b2f9b71-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame E972 926 B
1 KB 612ms
40ms Document
text/html 104.17.120.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 4262
Expires: Thu, 10 Mar 2022 15:29:36 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e9cbe567acf692b-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 87A4 3 KB
2 KB 69ms
17ms Document
text/html 184.30.24.241

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Thu, 10 Mar 2022 14:29:35 GMT
Connection: keep-alive

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 32BA 0
0 694ms
118ms Document
text/plain 67.202.105.23

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 -, , ASN (),
Reverse DNS
Software: 33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

x-33x-status: 2000208
server: 33XP001
date: Thu, 10 Mar 2022 14:29:36 GMT

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 00F2 0
0 30ms
27ms Document
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13401719
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:29:35 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap7ams1

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame A64B 0
0 23ms
21ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e9cbe52fc799bf5-FRA

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 1729 0
0 688ms
118ms Document
text/plain 67.202.105.23

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 -, , ASN (),
Reverse DNS
Software: 33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

x-33x-status: 2000208
server: 33XP001
date: Thu, 10 Mar 2022 14:29:36 GMT

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 987C 926 B
1 KB 607ms
44ms Document
text/html 104.17.120.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id: 15DG7FS62Q387667
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 6038
Expires: Thu, 10 Mar 2022 15:29:36 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e9cbe567d519b5b-FRA
Content-Encoding: gzip

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame D7E0 0
0 24ms
22ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e9cbe530c9f9bf5-FRA

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 3582 3 KB
2 KB 77ms
32ms Document
text/html 184.30.24.241

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Thu, 10 Mar 2022 14:29:35 GMT
Connection: keep-alive

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame CD08 0
0 35ms
30ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e9cbe531cd19bf5-FRA

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 59F9 0
0 37ms
34ms Document
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13401719
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:29:35 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap7ams1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9BD6 15 KB
6 KB 48ms
34ms Document
text/html 184.30.24.198

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=59774
expires: Fri, 11 Mar 2022 07:05:49 GMT
date: Thu, 10 Mar 2022 14:29:35 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E447 15 KB
6 KB 33ms
20ms Document
text/html 184.30.24.198

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=59774
expires: Fri, 11 Mar 2022 07:05:49 GMT
date: Thu, 10 Mar 2022 14:29:35 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 99E2 15 KB
6 KB 45ms
32ms Document
text/html 184.30.24.198

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=59774
expires: Fri, 11 Mar 2022 07:05:49 GMT
date: Thu, 10 Mar 2022 14:29:35 GMT
vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame C887 0
0 53ms
53ms Document
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13401719
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:29:35 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap7ams1

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame F307 926 B
1 KB 569ms
32ms Document
text/html 104.17.120.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: ozLLefD0knKZ2yMzZ7EA3qLK8cSPeKdEpQT28HMOVUE2s5XW77p+1QkMqhU1tUmLZbb1zAjl4MU=
x-amz-request-id: GNVBWB8PQV5H0AVC
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 326
Expires: Thu, 10 Mar 2022 15:29:36 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e9cbe567b0a929f-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 146B 3 KB
2 KB 68ms
31ms Document
text/html 184.30.24.241

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Thu, 10 Mar 2022 14:29:35 GMT
Connection: keep-alive

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 825C 0
0 661ms
119ms Document
text/plain 67.202.105.23

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 -, , ASN (),
Reverse DNS
Software: 33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Thu, 10 Mar 2022 14:29:35 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 619F 3 KB
2 KB 64ms
25ms Document
text/html 184.30.24.241

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Thu, 10 Mar 2022 14:29:35 GMT
Connection: keep-alive

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 7117 926 B
1 KB 563ms
33ms Document
text/html 104.17.120.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 4262
Expires: Thu, 10 Mar 2022 15:29:36 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e9cbe567e2c9a2d-FRA
Content-Encoding: gzip

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame BF66 0
249 B 468ms
20ms Ping
text/plain 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=4443eb51a35a465aa4c43b43ead32260&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&vdur=169&eoid=8&msrjs=2375&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=83&tetms=11&msltms=86&vltms=169&sei=290&vetms=181&engms=1&engisel=1&ttfurm=2384&mpt=1646922575944195
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2375.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://ad.doubleclick.net
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:36 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 03/09/2022 14:29:36

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2A3D 5 KB
6 KB 468ms
25ms Script
text/html 198.47.127.19

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48107448&p=156917&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 153b87e5741405d2511b166783541474a2a5a97c9048d08b13cf2f4d956e9d2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 7B4E 54 B
326 B 107ms
36ms Document
text/html 2.21.141.232

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpHEkPVpHEkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Expires: Thu, 10 Mar 2022 14:29:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Length: 54
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame E6FE 54 B
326 B 104ms
38ms Document
text/html 2.21.141.232

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpHEkPVpHEkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Expires: Thu, 10 Mar 2022 14:29:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Length: 54
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame F684 54 B
326 B 83ms
28ms Document
text/html 2.21.141.232

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpHEkPVpHEkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Expires: Thu, 10 Mar 2022 14:29:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Length: 54
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 1B8A 54 B
326 B 80ms
26ms Document
text/html 2.21.141.232

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpHEkPVpHEkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Expires: Thu, 10 Mar 2022 14:29:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Length: 54
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 910F 54 B
326 B 84ms
32ms Document
text/html 2.21.141.232

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpHEkPVpHEkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Expires: Thu, 10 Mar 2022 14:29:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Length: 54
Connection: keep-alive

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C046 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTllHAKdOVkYj1WOu9B4o7V865To-I2VM_hCS0qfUFFGlZXhWWBQEdDNsGhK5OlGRLMcODpLlY9SCjEUiifRLFeNS7GtmK9_szcCiXFSmhcG_mCJLN&sig=Cg0ArKJSzGaK1Qvtv8H5EAE&id=lidar2&mcvt=1021&p=1120,436,1210,1164&mtos=0,1021,1021,1021,1021&tos=0,1021,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=2384033330&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922572919&rpt=2511&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame B707
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C

35 B
467 B

38ms
37ms

Document
image/gif

37.157.4.29

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 14:29:36 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Thu, 10 Mar 2022 14:29:36 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B6FA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7f2a622a-0b50-4400-9173-1931dddbc291&gdpr=0&gdpr_consent=

42 B
339 B

378ms
25ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7f2a622a-0b50-4400-9173-1931dddbc291&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 14:29:36 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug003:0:409
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4256 109297d master zrh-pixel-x13 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7f2a622a-0b50-4400-9173-1931dddbc291&gdpr=0&gdpr_consent=
Expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame AC3F
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1432198052697156572

42 B
211 B

46ms
30ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1432198052697156572
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 14:29:36 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug015:0:1151
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1432198052697156572
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 2DDB 43 B
362 B 114ms
23ms Document
image/gif 178.250.2.151

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Thu, 10 Mar 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 709115
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F958
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7073478602977114252

42 B
384 B

449ms
24ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7073478602977114252
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 14:29:36 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug005:0:470
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 10 Mar 2022 14:29:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7073478602977114252

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 44BF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YioLUAAMHy30TwBH&gdpr=0&gdpr_consent=&_test=YioLUAAMHy30TwBH

1 B
393 B

303ms
24ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YioLUAAMHy30TwBH&gdpr=0&gdpr_consent=&_test=YioLUAAMHy30TwBH
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 09:24:27 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug0026:0:495
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YioLUAAMHy30TwBH&gdpr=0&gdpr_consent=&_test=YioLUAAMHy30TwBH
accept-ranges: bytes
date: Thu, 10 Mar 2022 14:29:36 GMT
via: 1.1 varnish
x-served-by: cache-hhn4043-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1646922577.709644,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 098F
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
244 B

401ms
23ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 08:33:03 GMT
content-type: text/html; charset=utf-8
x-lat: amspug0021:2:252
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Thu, 10 Mar 2022 14:29:36 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D820
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EmnH40HhSeNrkz84QrHm8dly14M

42 B
218 B

35ms
26ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EmnH40HhSeNrkz84QrHm8dly14M
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 14:29:36 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug009:0:599
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Thu, 10 Mar 2022 14:29:36 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EmnH40HhSeNrkz84QrHm8dly14M
Content-Length: 159
Connection: keep-alive

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame C724
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFYlhVN0VWQmNBQUNzbHB1eTF5QQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

39ms
38ms

Document
image/gif

52.31.243.45

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.243.45 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Thu, 10 Mar 2022 14:29:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Thu, 10 Mar 2022 14:29:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 3EE3 0
0 377ms
120ms Document
text/plain 5.161.54.172

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.161.54.172 -, , ASN (),

Reverse DNS

Software

nginx/1.21.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx/1.21.4
Date: Thu, 10 Mar 2022 14:29:36 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 658B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
419 B

187ms
179ms

Document
image/gif

2606:4700::6812:c05

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 10 Mar 2022 14:29:36 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e9cbe58d89390a0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 10 Mar 2022 14:29:36 GMT
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 197
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e9cbe579ef590a0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 0971 43 B
277 B 166ms
40ms Document
image/gif 195.5.165.20

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Vary: Accept-Encoding
X-adserver-worker: komodo-7256dd94cdfe@version_1.383
Connection: close
X-server-arch: v2
Content-Type: image/gif
Content-Length: 43
X-core-time: 0ms
Date: Thu, 10 Mar 2022 14:29:36 GMT

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 3E6C 43 B
408 B 110ms
23ms Document
image/gif 63.251.232.165

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.165 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 10 Mar 2022 14:29:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-9
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame 8623 15 B
891 B 94ms
30ms Document
text/plain 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 10 Mar 2022 14:29:36 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: max-age=43200, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 780690
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e9cbe57af4192c5-FRA

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame B4B8
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ab324fa9-ce80-48bc-b71f-7023878b70c7-tuct92390d0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
148 B

68ms
25ms

Document
text/plain

151.101.129.44

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ab324fa9-ce80-48bc-b71f-7023878b70c7-tuct92390d0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Thu, 10 Mar 2022 14:29:36 GMT
via: 1.1 varnish
x-served-by: cache-hhn4042-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1646922577.647757,VS0,VE8
content-length: 0

Redirect headers

server: nginx
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ab324fa9-ce80-48bc-b71f-7023878b70c7-tuct92390d0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Thu, 10 Mar 2022 14:29:36 GMT
via: 1.1 varnish
x-served-by: cache-hhn4069-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1646922577.573384,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2A3D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VsLHvFcgQPax8NK615DXLA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

17ms
17ms

Image
text/html

184.30.24.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol: H2
Server: 184.30.24.198 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:36 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=59773
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Fri, 11 Mar 2022 07:05:49 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bf21622a-0b50-4800-a752-92feda53faed

0
260 B

213ms
25ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bf21622a-0b50-4800-a752-92feda53faed
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 10 Mar 2022 14:29:36 GMT
Server: MT3 4256 109297d master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bf21622a-0b50-4800-a752-92feda53faed
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 10 Mar 2022 14:29:35 GMT

GET
H/1.1

200
OK

pixel
ps.eyeota.net/ Frame 2A3D
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b994f2c9f4f69faa91f46c580572eda4&gdpr=1
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_co...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=527c566488b38575b1fd1c049d0aa805&gdpr=Y&gdpr_consent=${gdpr_consent}
https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgi...
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=ac484e3ff13172f4

0
344 B

81ms
18ms

Image
text/plain

3.124.210.90

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=ac484e3ff13172f4
Protocol: HTTP/1.1
Server: 3.124.210.90 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:29:37 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=ac484e3ff13172f4
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTZDMkM3QkMtNTcyMC00MEY2LUIxRjAtRDJCQUQ3OTBENzJD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

119ms
30ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:36 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:607
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEXCiAX8AQjK0Gr6TiWBH-Q&google_cver=1

42 B
283 B

120ms
30ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEXCiAX8AQjK0Gr6TiWBH-Q&google_cver=1
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:36 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:531
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEXCiAX8AQjK0Gr6TiWBH-Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 2A3D 43 B
608 B 104ms
22ms Image
image/gif 159.122.14.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 09 Mar 2022 14:29:36 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=418805657211533826

42 B
389 B

316ms
40ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=418805657211533826
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:31:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0023:0:382
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=418805657211533826
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5a868278-3a57-43f6-96d5-56930a34a4f3

42 B
295 B

409ms
24ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5a868278-3a57-43f6-96d5-56930a34a4f3
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:36 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:379
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5a868278-3a57-43f6-96d5-56930a34a4f3
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8385895617895266525&gdpr=0&gdpr_consent=

42 B
234 B

184ms
29ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8385895617895266525&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:36 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:462
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:36 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f10c3d25-ee19-4ed4-ac95-ee985248eb8b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8385895617895266525&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nFw3IJoMMHGHVjJwzlgoeZJfMiCHXDJzz1q1Ysqt

42 B
624 B

167ms
29ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nFw3IJoMMHGHVjJwzlgoeZJfMiCHXDJzz1q1Ysqt
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:36 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:432
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nFw3IJoMMHGHVjJwzlgoeZJfMiCHXDJzz1q1Ysqt
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 56C2C7BC-5720-40F6-B1F0-D2BAD790D72C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2A3D 43 B
994 B 147ms
48ms Image
image/gif 2a05:d018:d29:3605:9290:fe02:2ee8:2378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/56C2C7BC-5720-40F6-B1F0-D2BAD790D72C?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:9290:fe02:2ee8:2378 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:36 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KE7oYg9E2uUo.opy.GAZANsQ41oSKJk-~A&gdpr=0&gdpr_consent=

0
128 B

127ms
26ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KE7oYg9E2uUo.opy.GAZANsQ41oSKJk-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:36 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KE7oYg9E2uUo.opy.GAZANsQ41oSKJk-~A&gdpr=0&gdpr_consent=
date: Thu, 10 Mar 2022 14:29:36 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=4311eca1-ee34-4da8-b9a1-300e33bf1fc1&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
https://x.bidswitch.net/sync?dsp_id=440&ssp=pubmatic&user_id=6AHHW9eDvWNpOUiuJEip0
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4311eca1-ee34-4da8-b9a1-300e33bf1fc1&gdpr=&gdpr_consent=&gdpr_pd=

1 B
336 B

24ms
23ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4311eca1-ee34-4da8-b9a1-300e33bf1fc1&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:37 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:427
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4311eca1-ee34-4da8-b9a1-300e33bf1fc1&gdpr=&gdpr_consent=&gdpr_pd=
Date: Thu, 10 Mar 2022 14:29:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6980344373774567574&gdpr=0&gdpr_consent=&us_privacy=

1 B
324 B

177ms
25ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6980344373774567574&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:35 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:357
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6980344373774567574&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame 2A3D 0
0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 2A3D 0
104 B 166ms
44ms Image
text/plain 2a02:fa8:8806:12::1400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=56C2C7BC-5720-40F6-B1F0-D2BAD790D72C&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8385895617895266525

42 B
188 B

171ms
25ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8385895617895266525
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 08:35:45 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0028:0:301
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:36 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 78b3f797-4976-4201-8dbc-d2e38ba9f61e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8385895617895266525
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2A3D
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
359 B

30ms
29ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:29:37 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:530
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame 2A3D 35 B
209 B 176ms
38ms Image
image/gif 18.202.206.42

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.206.42 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:37 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DAD8 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVPzbTpMbckK4vUWnYqmtFnaOPfQsXTTNnfL-sTxK4JXWQEAAe2X6DtHcNpA5sZ-JOzQRmr5HkHRNfzxmgwG-1tOWQNnL_t-10jfzU48tTVSBPG1Oa&sig=Cg0ArKJSzH2VEm_SDCIaEAE&id=lidar2&mcvt=1020&p=1120,436,1210,1164&mtos=0,1020,1020,1020,1020&tos=0,1020,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=2665021203&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922572957&rpt=2517&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 76C9 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufj5VHq7kXEjbXOowDtiaKJuSiLsZOyhr2rvWa_ZL6RZxB_HSDGBm0jPrCwo_eKM3OQXBTFrFfHtDbyH8CBpIvyBMb3DqklvrFanRLQ3MEj6nthHuA&sig=Cg0ArKJSzC6_0ICznNtxEAE&id=lidar2&mcvt=1021&p=1120,436,1210,1164&mtos=0,1021,1021,1021,1021&tos=0,1021,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=3366251554&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922573408&rpt=2069&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AF95 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLYcOnI-ISHo_FqSYzPkO7hd10GdqvDPFuwECJrVdDviaiVVb7XUJHPovxwHaAWAfr9L5ykPlmF6GNiSYULPemoErdICG3dW5ep8Gti3-vFB-zeEan&sig=Cg0ArKJSzMpvwBtnyHQsEAE&id=lidar2&mcvt=1022&p=1120,436,1210,1164&mtos=0,1022,1022,1022,1022&tos=0,1022,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=1326595308&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922573139&rpt=2344&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E3A 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunpOT03B-3K8higR8QjHHQjMrkix3e9G_8ObCK1nuC2PG-LeK31NfpFzRYMDXfGsKvwVwpvx2DSrCziMSwIfDH05TfJf-vDC0K42EoStE1OK9-J2Ot&sig=Cg0ArKJSzGZlVL8JlhAkEAE&id=lidar2&mcvt=1006&p=1120,436,1210,1164&mtos=0,1006,1006,1006,1006&tos=0,1006,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=889030988&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922573006&rpt=2507&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F46 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvMny9IeyFimSJnyKRCMIRis5nfGXbCs2WCRuh81GjYC6XCrxkUAk2H_Yz01ggfanV9AC52m1MkKakbnRlMy0kE2xnc9aRpZTFnfrfk7LE0OLrTJ-H&sig=Cg0ArKJSzBtO97E3SFdpEAE&id=lidar2&mcvt=1001&p=1120,436,1210,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=3436911532&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646922573014&rpt=2523&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame BF66 0
249 B 49ms
49ms Ping
text/plain 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=4443eb51a35a465aa4c43b43ead32260&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=10&ismms=39&isumms=38&isvelg=1&nvr=6&elmtp=3&isbxdms=2438&b0=100&b9=2549&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2649&sftb=2649&msrdp=1&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1038&isuiabvms=1038&engalms=38&engscrlms=137&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&mpt=1646922576935292
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2375.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://ad.doubleclick.net
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:26 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 03/09/2022 14:29:36

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 71ms
26ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:37 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST bid
ap.lijit.com/rtb/ Frame C821 0
0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
59 B 26ms
26ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe601aa99bf5-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 38 B
335 B 22ms
21ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222721940865807764%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2227331b7540757473%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 346c4c988e9dceb39795138d278dc222da063759c19855243066e93a928539c3

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:37 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:37 GMT

POST hb
ssc.33across.com/api/v1/ Frame C821 0
0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 96 B
728 B 42ms
42ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222777509867681437%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90b_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=51e9b068-4d94-45fc-b379-d8a8bad8e690&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

278f6af296a9387e103587a6a85457c83ec26a1550b9ab6459dab60917dddfa8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:37 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST translator
hbopenbid.pubmatic.com/ Frame C821 0
0

POST unruly_prebid
targeting.unrulymedia.com/ Frame C821 0
0

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
153 B 24ms
24ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922577932&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST prebid
ib.adnxs.com/ut/v3/ Frame C821 0
0

POST c
prebid.a-mo.net/a/ Frame C821 0
0

POST prebid
ib.adnxs.com/ut/v3/ Frame C821 0
0

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 39ms
30ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:29:37 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST prebid
ib.adnxs.com/ut/v3/ Frame C821 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C821 50 B
892 B 19ms
19ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:37 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b595b023-5546-46cc-bcef-3ad7c45f9fc1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST translator
hbopenbid.pubmatic.com/ Frame C821 0
0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C821 38 B
335 B 22ms
22ms XHR
text/plain 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22297886fb765a086d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2229857674c289de01%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a5dd69caf9716e82798b84909dcd6768d4d31ed6429e1a7aeea7e4ddeb73fc66

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:29:37 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:29:37 GMT

POST hb
ssc.33across.com/api/v1/ Frame C821 0
0

POST bid
ap.lijit.com/rtb/ Frame C821 0
0

POST unruly_prebid
targeting.unrulymedia.com/ Frame C821 0
0

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C821 0
153 B 22ms
22ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646922577967&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:29:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C821 0
36 B 23ms
23ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:29:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9cbe605b439bf5-FRA
access-control-allow-headers: Content-Type, Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C821 95 B
727 B 33ms
28ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2231010ec5d0a1a9a%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90c_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=61323479-08ed-4f7e-8d99-618daf3ca051&pv=46c302a6-ab52-47c3-88b1-5446723b9b53&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

72978efbfd156ed8471b0154a06f58d73948375631ac4b11a5da0f477f066ef4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:29:37 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST c
prebid.a-mo.net/a/ Frame C821 0
0

OPTIONS unruly_prebid
targeting.unrulymedia.com/ Frame 0
0

GET cygnus
htlb.casalemedia.com/ Frame C821 0
0

POST bid
ap.lijit.com/rtb/ Frame C821 0
0

POST c
prebid.a-mo.net/a/ Frame C821 0
0

POST v1
dmx.districtm.io/b/ Frame C821 0
0

POST prebid
ib.adnxs.com/ut/v3/ Frame C821 0
0

POST unruly_prebid
targeting.unrulymedia.com/ Frame C821 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trib.com
URL: https://trib.com/tncms/messaging/service-worker/

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22314a44f385388222%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22315ab8644ab82921%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/af	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
trib.com/	1970-01-23 11:51:10	Name: TNNoMobile Value: 1
.trib.com/	1970-01-20 01:28:44	Name: spses.48b6 Value: *
.trib.com/	1970-01-20 01:28:46	Name: AMP_TOKEN Value: %24NOT_FOUND
trib.com/	1970-01-20 14:55:06	Name: tms_VisitorID Value: qj9k236cx6
am.freshrelevance.com/	1970-01-20 14:55:06	Name: tms_SessionID Value: 2F0F036D0L
trib.com/	1970-01-20 14:55:06	Name: tms_SessionID Value: 2F0F036D0L
.leetemplates.com/	1970-01-20 10:14:18	Name: sp Value: 052c84a1-beef-41a9-9309-af9d042698cd
trib.com/	1970-01-20 01:28:44	Name: tms_wsip Value: 1
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.go.sonobi.com/	1970-01-20 01:28:42	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s56129\|YioLU
.adnxs.com/	1970-01-20 03:38:18	Name: uuid2 Value: 8385895617895266525
prebid.a-mo.net/	1970-01-20 10:14:18	Name: __amc Value: 3_1646922572_1646922573
.go.affec.tv/	1970-01-20 10:14:18	Name: oo Value: 1
.doubleclick.net/	1970-01-20 01:28:43	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 03:38:18	Name: icu Value: ChgIxfVWEAoYAyADKAMwzZaokQY4A0ADSAMQzZaokQYYAg..
.krxd.net/	1970-01-20 05:47:54	Name: _kuid_ Value: OtZXBMlX
.go.affec.tv/	1970-01-20 10:14:18	Name: ck Value: 622a0b4d668e920001c6bfd0
.myvisualiq.net/	1970-01-20 18:59:54	Name: tuuid Value: 9432e429-1446-4c71-bce7-327fa370bec0
.myvisualiq.net/	1970-01-20 18:59:54	Name: c Value: 1646922573
.myvisualiq.net/	1970-01-20 18:59:54	Name: tuuid_lu Value: 1646922573
.go.affec.tv/	1970-01-20 10:14:18	Name: pt Value: eyJhbiI6eyJkdCI6MTY0NjkyMjU3MywiaWQiOiI4Mzg1ODk1NjE3ODk1MjY2NTI1IiwibHMiOjE2NDY5MjI1NzN9LCJ2IjowfQ==\|1646922573\|768f37a04d3ceb8d46a75c1bc9cf99b33c5ba381

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v85.js(Line 80) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://trib.com/ Message: Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
security	error	URL: https://trib.com/ Message: Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
security	error	URL: https://trib.com/ Message: Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

79b224d51ba85016c58acc9eb0755626.safeframe.googlesyndication.com
a.leetemplates.com
a.tribalfusion.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
am.freshrelevance.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
apex.go.sonobi.com
api.saambaa.com
bcp.crwdcntrl.net
beacon.krxd.net
biddr.brealtime.com
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
c.evidon.com
c1.adform.net
cdn.adnxs.com
cdn.besafe.global
cdn.districtm.io
cdn.doubleverify.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.osano.com
confiant-integrations.global.ssl.fastly.net
contextual.media.net
core.iprom.net
csync.loopme.me
d1eoo1tco6rr5e.cloudfront.net
d5p.de17a.com
d81mfvml8p5ml.cloudfront.net
data00.adlooxtracking.com
ded9ebe03ade0babe47a3773dadea74c.safeframe.googlesyndication.com
dis.criteo.com
dkpklk99llpj0.cloudfront.net
dmx.districtm.io
dn1i8v75r669j.cloudfront.net
dsp.adfarm1.adition.com
eb2.3lift.com
fonts.googleapis.com
fra1-ib.adnxs.com
go.affec.tv
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.emxdgt.com
hblg.media.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
j.adlooxtracking.com
js-sec.indexww.com
l.betrad.com
lg3.media.net
loada.exelator.com
map.go.affec.tv
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantcount.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
ps.eyeota.net
pubmatic-match.dotomi.com
qsearch-a.akamaihd.net
rtb.gumgum.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
rtbcdn.doubleverify.com
rules.quantcount.com
s.tribalfusion.com
s0.2mdn.net
saambaa-static.azureedge.net
saambaa.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
storage.googleapis.com
survey.survicate.com
surveys-static.survicate.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
t.myvisualiq.net
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
trc.taboola.com
trib.com
um.simpli.fi
ups.analytics.yahoo.com
warp.media.net
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ap.lijit.com
dmx.districtm.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
match.adsby.bidtheatre.com
prebid.a-mo.net
ssc.33across.com
targeting.unrulymedia.com
trib.com
104.108.144.24
104.16.68.69
104.17.120.107
104.18.131.43
104.90.181.35
108.157.1.150
108.157.4.12
142.250.181.226
142.250.184.226
142.250.185.226
142.250.186.102
145.40.89.200
151.101.1.194
151.101.129.44
151.101.66.49
159.122.14.34
161.47.17.28
178.162.133.150
178.250.2.151
18.156.0.31
18.202.206.42
18.64.79.84
184.30.24.185
184.30.24.198
184.30.24.241
185.29.132.241
185.64.189.110
185.64.189.112
185.64.190.80
192.104.182.209
195.5.165.20
198.24.171.51
198.47.127.19
198.47.127.20
2.16.186.67
2.21.141.232
2.22.32.24
2001:678:cb4:bbbb::11
213.155.156.182
213.19.147.42
213.254.244.24
216.137.42.177
216.52.2.39
23.37.38.181
23.88.75.188
2600:9000:2057:f400:8:455e:4a00:93a1
2600:9000:206f:8e00:2:36a1:2f40:21
2600:9000:206f:f200:3:b7e:8940:93a1
2600:9000:206f:fe00:7:5031:dc0:21
2600:9000:224a:3200:e:98bf:5f00:21
2600:9000:225f:5e00:6:44e3:f8c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:20::681a:bd1
2606:4700::6810:135e
2606:4700::6812:c05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2010
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a02:26f0:12d:587::4469
2a02:fa8:8806:12::1400
2a04:4e42:400::300
2a05:d018:d29:3605:9290:fe02:2ee8:2378
2a0b:4d07:101::1
2a0b:4d07:1::1
3.120.57.46
3.124.210.90
34.102.205.239
34.102.253.54
34.149.12.213
34.149.20.76
34.205.3.24
34.254.143.3
35.156.68.250
35.211.178.172
35.241.31.249
35.71.131.137
37.157.4.29
37.252.172.250
37.252.172.45
37.252.173.27
46.137.168.92
5.135.142.37
5.161.54.172
51.210.112.236
52.214.200.7
52.31.243.45
52.48.40.152
54.163.163.51
54.228.204.163
54.229.233.249
54.93.106.38
63.251.232.165
66.155.71.25
67.202.105.23
76.223.111.18
85.114.159.93
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0802c63eabb291031431a22dede92dd27b2cd1429a8e6f0a65e48bd71b54aa7e
0819c26fec68702f8ff7a0973a41662d9c8626364b112b5eec9d5451308bc446
08f7192850887c2df5f5eb8ca30cc8f834e3926c21cb175ffe73fd971e166893
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0aae37caeb1c5064881f16534e735f299658ad15ebe527cb1969e75d9ceb1c40
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0c19e891d936712931d58d11252cd20b1e3edb9666fe5ecd0948a60f4d3c331c
0c564ab82eab3ab608280194eefcee40765ab7872e8ed349e806e3c3170c4631
0ca55d4c101634b817a99d81d3a3c5b8e85a0b80042739634f73fc7186203091
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d2df297341174be85027bbd8afc4dc4f34917eed27cfbc02b3fd37c57f67340
0df2455e875a8b4d4e1e882e6d71949aac3746b8ce498ab201bd17e3f8852cff
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
12031675adcc5ab7d0240fc9aa15c8f4fd1ad7c0ac2e21c26e99b67c25335778
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12edbb86243673ca2dc913330339b569246e82a3b263831f95e3eb01a6012ae7
13aa2e1844715382088baf445f2312c6ca906c083ab744dea16443ae4de40a94
148474393c2445ade47d348e23b9e51d1f6cf1e976d4635fc7cdf779b174a490
14b6bf15745fcb2f4f9c225d2b2b86ceeeaa90a2092f6bfc9c58f490404d5fe3
153b87e5741405d2511b166783541474a2a5a97c9048d08b13cf2f4d956e9d2c
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293
1a751af56afc484774a251f070f5f2b0f6f9af727a3d767fb5be28fe8b2b9030
1aa8374b1a84ef714153d1a4cfe234813ff6c118c3cafe545a6b8fd5d9c2d57e
1bd5f897afc6ea6580028e3f1b917687c9f0ffd8b51be7441e60119269719b5e
1cf918554d9e8390a78e5c33218dbd003ce86a6c94cce1d06b787294eae87cda
1e1ffa3b5d322aa9f1bd65dcb31da431d3acc0e38f2b0889233b3ad615f13a8d
20cb264e054deb038ccc4816ad2ef834b4378d399cfcb66dd0183b6ad7ee0bed
232bf7998ebafda88a66a06d9c3b238b47df0ae62748a99df119038e965ed2f6
24d2826cc3bcce61c44239bec214c1f133f20b990dbebdca32a2d9574df7a511
26071431a1fcdeb2e61fe99ce7198849c11d21662436f0599e12307425895a1e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26ab9a29da8cc677c6f6015748470d12094f179666206637e5655da898243e81
27737a746224f18f95c86e19bbfcb9d01a59f5f14d1a5c2fcf4ea982c4ce71a5
277efb12865b473f3046a93f2bee53394ee5e7cae843926cf958fd97877b2688
278f6af296a9387e103587a6a85457c83ec26a1550b9ab6459dab60917dddfa8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29097afbe55a504f31656a6258acc1a5c7c05f18ebd092d825a1e7011ad23fae
29f432f9702480b5245133be879aa13e342fdfa09469d313eba4b8b06165d4f3
2aaac2e5546c4d49c6074b59f4d547b8261e26712fef98738c6cd5ca309fae24
2afb0d9d9ea6584f6897f87cde4c1858a6c5965c3d053353335fbc6334783909
2b207edab29fd7ce4ef1538cc804a5b6c4a00f054f272e0f4f7a05a39e037f42
2b3cbcbc0595cb42d855176c88195fa0c3487b177c5d6cf8702206ced47a165a
2c0a28a87b0b94e1164b84e70692b630fb1e941e1171f64b1f9daa0a84d11a8c
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d4aef42dfaf0162e69ed566b0c970fd6c41ab229dc4f169cfdccc1ad170d55a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0ebee7b7f89d12dc6dec9101742933c43d3ce47713b1d4cd1ad3360d32834a
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d
2f8a5315c559f2cf6b98112363da245ef0e9033d46f731a8bb50e3991a96b1ca
2ff30298cb08600b21e18d99439aab14c6616c4436c5183aeeb1b47f68994448
302cb6def0635636470bf6369f72b401df02b6a028bd41be6547195c7e66f6e9
3097a6ede54f055e518f166eaa93eb1cfe40f29b08792e6927c55bca11da7a26
310e0b9decc0fb6200bf8b2e54d34ecaf7c6395987d39cffd513128e3c776017
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
31d8f5490ebd7406cb72ff8a717173b9bfcc99a9117a15331dd0c43d84ac81f1
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
346c4c988e9dceb39795138d278dc222da063759c19855243066e93a928539c3
35205b80e72922780ad484814f9fa39437b92b87bd460da0dae0f81062a290af
35540116548dd90ecb99a75c347866353b47255065de606952690391ce631d4a
35a71c41c763978beb32e4cf69e3b7fdc567ae69fe352fae1c47520309386051
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
373f36b380eba4154e540b52cba0ee7ec78980a5d566b5f67b61cb25c93c3aea
3817d1144e677ecce497a958e192dc46403c0dddcb8b62ad8f661ae789a413ba
38ab564955aaa11c8af6e697c4a5a199ee5bf28ceecbb5c68acf6c66418caae5
39f7df787a969e1c859c9414732d303e2e5d8e72f8e2d87a15a4b2d6e467b871
3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dcc0031075366e0a3d31749b6409b52acc1acf3b6400578d7539c9ff967c497
3e660aba94db0f369cacbf00e60fc57e08baf1fb5b3bc80b8f7a15c5d7011641
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
42a3402b3df5eee50286bfcdb8fb0d3d0b3301da68695e35f9cede5420262221
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
449b82a5c12e1cd152503114da60771bd0ca6fdea2cc9ff25fecadfd4b825edd
4679d244c3706603d2bf352e0542e7ef4216c232c628840d8931a72cf9c501e1
4700f5f6768a5e501b6f56b6f3911208143e649c1e1e5760e44da8035f0e21cf
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4cd992fa85c18251d446c9cd271ca16eb1c723ba1fd9d1dcfc7d29f6a23f06d0
4cf989ebb9b84347f3ee9a3109d783739f0d095be986f149f98d9a7325308efa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187
5363ffdb9f57cd1aba5668edb42f7034c3417647cdbf606ebe37fa0bc4dd6939
53da55207c441ee8c7b9519bf1d0d18770e2e91e83bf1f29665470017a8f56aa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b2d3a6c1e73324dd504475718352d54ec66b66e8a5f16b3492a49de31d88f7
56b9705924e53f0eaec235615d018124fe8e730938aa1ba10d96bc80d4816b76
5770f72d26f8dd6f6d49e97f86f512cf2550105ff36c1ba1781d2757bc9e31bf
5892a6c0477e5e39ee674a39b240944e46dbaf2194033b611a18bb0d85129a51
590126ccd2aef65920d3d31ea44ae95c495cb2c1b98eed645ac67b708b9c2328
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
5c7cc00545a897c8f8fe3ddef46c3bc799701d388c1391c68634ed15e631f049
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d
5e41a2f56fe577293a8828e34523bfc3d20de91e4eacc0de3a3917e9ab6fb477
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
641ffe2f1888cfbfa9eb7e4e5222265ea11589015e62e71fb1132fda6655f48f
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
65551439ed53aa6f08104ee74e6a549d67fe626df2badd6970263cd5451482fa
65f626af7c6ceb0be4d01854190ce8ef617d4f3e5d7b8054975ec622884b61da
6754b15fdca72643da8ab222d98642232529be634a575bafae154f69b7605663
6775e37720d8ae86cee50cbcad6747f91131716713f0ec4786bc18091b9b238f
68d0edbcc9baefe699f18679a3a702457852078534611fe0924d4011aca6fd91
6a69669a5a840a3b88c0a6a09d414800480e4869b86caa62b2cadf630ef7e478
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
6d69434d10f3b284edb24e748769b43d4f667026dfc91a347958f3d299d14a8a
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31
72029f52ae3aed01efd0fe788ccabe47629726a0b2d849fabbe03c844662ccb8
72978efbfd156ed8471b0154a06f58d73948375631ac4b11a5da0f477f066ef4
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
735d4da3744fb8afe8031641d8f0a8fcefdc95a8a04f9b1f69a315db686c8ac3
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
76333e7d798ef2326bcfb3905af21e18999cbb3576bf2c6c254055dfca2fa7e0
767b5a370edde3b284a6cdbbf1a740435695ef2d866c44fb16f0c3ba189fd886
772786a55754981f248358a6cdbeebbbb21436a1896bd80436e8ae9a3b5d6773
777799d7c87d41c1e47971e8fba21ffeb617ee82f63e0d3ef5d602643e3b9cdf
77fb9b155e6d13e0960911d07f16e13bd376f823f4502bf17d548845feff6308
78340dabd2984895b85f1a3a19cf21fed26d6d4c57038709dbcf94222f6952ce
79083466e54242df079c1f8a26f06a76ad40272869bed59d1d4af12f50b60ac0
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7987b43045b32d105c0a7278d2c18e8d3ec635d5fe379c1846f640800bae19b3
7be6f15cdc72225823e4623ca073348f902ab15469592a8c73d8e5313cc69a89
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7c4f367da6116c4907a7f1694472a72a58d8318c9f94a4a935a67ddc775c633f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84be9ee2d573d23eeda3d90492f4aedb38dc0d37452fd7d0a7f952ed08e63518
84c1a0f3ca1f060f62efcc0221b006b5e59bc1d715305dc65e735335765d3035
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86fcf18ee3cc2c094450eb335d52f4da2ae15e46c16728bdd9522ba32a7f13a1
879214cf759502673dbbc2d404903d666b075daf8b6944469dbc9bfbdb728181
87a6266c72bd0c1cfd50b1725c7e3f7a1e87773f0df81d50c4d1d404d9fe7ebf
87e886bab48eed50e9eba03120bd08543d719d9deaa17236f6e45c9333f921e8
8947850b9f976d1f1cbd263066e9395f7a0649766aa6fab4643648c475542a98
89d6bb3a2a9c286c107286a1ffd4bbb90e0e5935887de2cc98b5324f1a8c4ac6
8c139854a2247300a497913116e881e099cd622cc0b18d5cbc38c9b9455ea17b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5
9566241315f2d4effdeebf75cac8ada41584a4f16583315e535242845a6e60c3
97ded2a432e64f4e5086f03ae1238d87e1e2ffdd63216d068996c566aa55882b
97ed2d9b68d257ca193014ee7341f9d6a31e8cb468280308d71ab69354724b3d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ca1b58f51144561a8b520521a36e0f8cce7f966e19f8765b249e0edf1dc2e3
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9f563d7dbb40d0c55a4101446ddde97aceb7e2896b1b3c3f4a1d4737c568876e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28b9871dc80175bbb6cbaadf100abc925d5e106f0254c8f8a13d34141d90bfa
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907
a3eaa07986feefceec199370c4dfdcec69afe13ecff226352da795a6d92b74b0
a40f5e0d27b8ea46bf201abaf0142672f50aeb7ea6a15fa92487781831da3b02
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a5158169fab6fc6ef599135e807312f66b79e6be936946617b9678b60ee666f2
a5dd69caf9716e82798b84909dcd6768d4d31ed6429e1a7aeea7e4ddeb73fc66
a69b35bbf528b38f25345885713a8d6dd54dc23652c2190f7c7dfea30bd8550e
a6f15d7289af89a0b23154609c5be954c0cd3b321e2d51493cf0b114b857fdae
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a86eea3bd77a07092b4af88e3dd54272f8118190aaba5fef3bd04dd8a5490ae4
ad140363f2ecb8dae5add2025074460497f8872e300641aabbc456595aabdfd6
b0824285ab642b362c0d255978a157f91aaea39966ab417326018a1d1c8ecb0a
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b23a2c9e5f164c3e601e94398c2ad8ee786120092553ae36570ff84d1ad3700b
b2d5dacc79aa6d5b0602ded5ebfb71d2ce08eeb285d966d487047981cc253d34
b34e7a6e7afde3a1507b65bebc7be48c5248ae3dbe63e4e84a0c53665e53661a
b3834bc943a706105cd6696a28ab8bd8fcd2f5bd68eae19722840de30ed5445a
b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8
b5f11c9aca2586bcf8e195024e473219fab3685030ec1340998f3c2b8bbc3a92
b7cdbaaf76f67c977f3b4a6906e9f82104a643002c1b73b13f4610be89ba4fc7
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bd10bc06c6a8d713473deaa6673cbc705f628d301b9e35942ba623c7b60054ec
bdebed63f916b39b263cee1a2464375418649386ec10d41ef5e12ec3c6afe30e
be345b640c910c8ed064024205fbe510bc120eb32827f4286b8d8d26d5a28498
beb8b93aacf734da3e6bb73de2db0b63381b793a011414ee40ac278c9113b2c8
becfe54a92dcdab6b0dfb3b7db070d3f10e66732ed62a5ec2840ae3edd8c4b38
bf0d139bcd327628d6a79ef2866cb4df0f2f8c4aa008e064f37b14e8d18b0d60
bf598097c8d40d9d20b14f880d6630fdac2c23431d025ba1dd17d3d822b42353
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
c186340fdcfb3085855342fbc22c93d9d003ee2d40fae72c447393ab23fd1014
c2387af7359cfa4f8acf87287f35cd9763a4807ed0ea637c7c1cfda9a14dae54
c23a080940234d03b10c1a20bf0987deeb2023407e167c29054e808eb355e8f2
c3d2af661d10460c9a038db893b29ad45c6fdc2ef790c42c14abfe21137f1b41
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c6c08a49b2a2c62d0c646cc86104f430c7db291d2c716f74f050819a565212f1
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7bf4752dbdffa34676c24001c158ccec95d09708252c7ea385f0aa00b263c33
c890ccaefb37450e0dd87d54a39c457e663b2428a04e62557b29879204f5d5fc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc8fad808172be54f001c0f3d6877e59fce3e5a21d47d1899ff1e7578efa67c2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d086db421e78f95dbb5515b71e5fda3ab18b62f8f61e4cd9f21c6481e9a3bd72
d0a536a578718f61e75d691066ab6cb29f8819d04c2a32d5eccb6231b8cefddc
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96
d414d18b9c5135c56dc4240a0759a5d08ab615bb2a3dfae791b85bba8ca16978
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c
d8facc234fff9d7363bde3353252d8cda51972610b627e4da845736e38a9406b
d9d885ecc8b3105513e98d4c38306184a15613f3e60984651c8b0cccea1b2f15
db4a67617b6be8a7e51017e4c994206bd238e35db41d2e70e1efcb9d922d51f9
db7fd29bcce75304cced26d637354dfbb877ccaf2d7826ea549cf52ae8b8c53f
dbdf0744a013dc2465064690955405988582190840f3f3b8d79b230f1bab2f04
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddc524cc8bb42cfd3c6ae598e876a3447666a4e4df17425bada064e50d028eb6
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
ddf0f071303ae0bde8871d69eebdf08794299cb7fdfc84ff9bda14d3fb365151
ddf16c461e55282bdeb11c642d461bd1e5f2e23730769c98d20cd69847792182
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64
e2772b5194cec87549292f0bc924090a1431343023875e8649815e5c3c211c99
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ccd91915655443f0694161cc9ca923a929c56b58fac5796e93f9a1a0daafb5
e4ffb9386abb88c46a88186bd48755486dc485b463a0ba88e93a7608ebb524a7
e5bb8b3a217ffae9a01543f6ca655af5dc4d01ccf05b2bdd3551558654ae5415
e763eadfba82f01a9fc8dd876a9d41e353903abd2ca92f9ddbb24807ce85a00a
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
e95091526118bd0ea713b83e5360e5aefa65bc7d0d0336847a90996ddbee127e
ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec37472a7272005528083fc9f09fc3df446595edcbacbcaac2dcd0d2793e424c
ed164f1d5d34a2dc860128e1ca51debfbe834ce74845f75137edd3a7cfb79ac4
ed94b8ac3f21f667601b895efee191821883b03e4382eaf6b17fcd98896cf408
ee0900e843e2647636742d9ffb71b05586f00f5b6a980c70baab3759fd5e87a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef46e87c2064eddde2ec2d1c1c463ad831cd54f2fd1f440d6f7fb5428538ddd1
ef9f0f4dd87f1a1404235923028ef1cde065889bcd3b476ca38aebcd257a343d
f2a2a2ab2367462121daee2556231fd6ab20628ed4156e3b77d6d14f798a381d
f2be60a4f44c0cf6f9da97b706c3b11b01fdbd6bac61abd34155731f437264ac
f55bd6bea1ac25e303f65c4dae0c1d9537696bb536691f55fa4cc5903177e989
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f70db7a717ec2b5eb347fe599bdcf525029a9d27ae5a8b9003cf989d46100d0d
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941
f9eef46ae43e6d734296c524fb7f9c792b169f4c58810aa1fcb78afe8e4b772b
fbf27eae0a10b7396f5c10ba259cf31223f465d9eb3c1fa1e13add046e453b18
fd72af68e3fe455ae746ed0416917e83028cd0007e10c96d50f2d7d4bde33130
fe25948c39b70de9cb3fedf7dff8845f3ca6571cd4e3d44c17ebd17d40069011
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f
ff7cfb9cb22470507879580b814385fe0165be2cf797b43b370a1be72d9ebfb3

trib.com Open in urlscan Pro 192.104.182.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

534 Requests

89 %HTTPS

29 %IPv6

77 Domains

122 Subdomains

90 IPs

9 Countries

5484 kBTransfer

13932 kBSize

24 Cookies

12 Outgoing links

Page URL History

Redirected requests

534 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

trib.com Open in urlscan Pro
192.104.182.209 Public Scan

Screenshot
Live screenshot

Full Image

534
Requests

89 %
HTTPS

29 %
IPv6

77
Domains

122
Subdomains

90
IPs

9
Countries

5484 kB
Transfer

13932 kB
Size

24
Cookies

534 HTTP transactions
15 data transactions