Submitted URL: http://www.stateways.com/
Effective URL: https://stateways.com/
Submission: On July 30 via manual from US — Scanned from CA

Summary

This website contacted 84 IPs in 7 countries across 66 domains to perform 378 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is stateways.com.
TLS certificate: Issued by E6 on July 20th 2024. Valid for: 3 months.
This is the only time stateways.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37 141.193.213.11 209242 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
23 172.217.222.157 15169 (GOOGLE)
2 2600:9000:250... 16509 (AMAZON-02)
5 104.16.160.145 13335 (CLOUDFLAR...)
4 45.133.44.4 39572 (ADVANCEDH...)
26 209.85.232.157 15169 (GOOGLE)
3 8 34.117.77.79 396982 (GOOGLE-CL...)
2 7 104.18.41.104 13335 (CLOUDFLAR...)
1 80.249.145.207 49505 (SELECTEL)
3 2607:f8b0:400... 15169 (GOOGLE)
1 54.167.127.96 14618 (AMAZON-AES)
2 204.180.130.165 53866 (QTS-AS)
1 2 107.21.166.190 14618 (AMAZON-AES)
2 2 35.244.154.8 15169 (GOOGLE)
6 6 15.197.193.217 16509 (AMAZON-02)
3 4 107.23.203.136 14618 (AMAZON-AES)
2 3 3.233.22.19 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 172.217.197.94 15169 (GOOGLE)
1 45.133.44.3 39572 (ADVANCEDH...)
5 107.151.11.18 55081 (24SHELLS)
3 209.85.232.155 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 142.251.174.154 15169 (GOOGLE)
1 104.17.111.223 13335 (CLOUDFLAR...)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
7 8 37.157.6.232 198622 (ADFORM)
7 7 23.222.200.28 16625 (AKAMAI-AS)
19 23.227.146.18 55081 (24SHELLS)
2 2607:4f00:927::2 55081 (24SHELLS)
5 51.222.39.184 16276 (OVH)
9 9 67.202.105.21 32748 (STEADFAST)
1 10 67.202.105.32 32748 (STEADFAST)
11 23.54.45.11 16625 (AKAMAI-AS)
4 4 69.194.240.13 26120 (RHYTHMONE)
1 1 2620:112:f008... 26120 (RHYTHMONE)
2 4 34.225.55.209 14618 (AMAZON-AES)
9 15 68.67.178.10 29990 (ASN-APPNEX)
2 8 147.75.198.144 54825 (PACKET)
1 37.157.6.254 198622 (ADFORM)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 1 8.2.110.161 46636 (NATCOWEB)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 44.230.128.104 16509 (AMAZON-02)
1 69.173.151.100 26667 (RUBICONPR...)
6 8 34.111.113.62 396982 (GOOGLE-CL...)
8 8 74.125.192.156 15169 (GOOGLE)
1 2 23.105.14.106 30633 (LEASEWEB-...)
2 17 34.194.154.198 14618 (AMAZON-AES)
2 204.180.130.159 53866 (QTS-AS)
2 173.194.204.139 15169 (GOOGLE)
1 172.217.222.97 15169 (GOOGLE)
9 173.194.205.101 15169 (GOOGLE)
4 69.194.240.11 26120 (RHYTHMONE)
4 2607:f350:3:2... 27630 (AS-XFERNET)
3 74.119.117.6 19750 (AS-CRITEO)
1 207.65.37.179 62713 (AS-PUBMATIC)
1 185.184.8.90 204995 (RTB-HOUSE...)
2 34.120.63.153 396982 (GOOGLE-CL...)
1 2 172.98.26.246 399668 (E-PLANNING-)
2 52.20.117.99 14618 (AMAZON-AES)
7 34.149.20.76 396982 (GOOGLE-CL...)
7 2602:803:c002... 26667 (RUBICONPR...)
3 51.222.39.186 16276 (OVH)
1 34.235.242.236 14618 (AMAZON-AES)
13 2607:f8b0:400... 15169 (GOOGLE)
6 99.84.108.40 16509 (AMAZON-02)
2 4 173.194.205.154 15169 (GOOGLE)
2 34.98.64.218 396982 (GOOGLE-CL...)
1 2620:100:a00b::4 19750 (AS-CRITEO)
2 173.194.204.99 15169 (GOOGLE)
1 173.194.204.132 15169 (GOOGLE)
1 2 2620:100:a00b... 19750 (AS-CRITEO)
1 35.244.193.51 396982 (GOOGLE-CL...)
2 74.119.117.17 19750 (AS-CRITEO)
2 141.95.98.65 16276 (OVH)
1 23.48.9.103 16625 (AKAMAI-AS)
1 3.162.125.25 16509 (AMAZON-02)
4 23.52.8.247 16625 (AKAMAI-AS)
3 3 34.36.216.150 396982 (GOOGLE-CL...)
24 2607:f350:3:2... 27630 (AS-XFERNET)
3 3 216.200.232.249 30419 (PAEDAE-INC)
3 3 198.8.71.130 54312 (ROCKETFUEL)
6 6 35.211.178.172 19527 (GOOGLE-2)
4 6 198.148.27.131 19189 (PULSEPOINT)
3 3 54.197.170.225 14618 (AMAZON-AES)
1 141.95.98.64 16276 (OVH)
2 4 138.199.41.120 60068 (CDN77 _)
2 2 121.127.42.98 60068 (CDN77 _)
2 3.94.199.57 14618 (AMAZON-AES)
2 147.28.146.89 54825 (PACKET)
2 35.244.159.8 396982 (GOOGLE-CL...)
1 1 185.167.164.49 198622 (ADFORM)
1 1 198.24.161.243 19437 (SS-ASH)
378 84
Apex Domain
Subdomains
Transfer
44 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
pubads.g.doubleclick.net — Cisco Umbrella Rank: 423
264 KB
41 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
edcf82e9dbcf1afc5a902539b7f89375.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
7303771b427aeebf627ec533e290a648.safeframe.googlesyndication.com
55fc0190636101f28c351aa6ef11839f.safeframe.googlesyndication.com
514 KB
37 stateways.com
www.stateways.com
stateways.com
580 KB
28 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 4003
sync.go.sonobi.com — Cisco Umbrella Rank: 1537
25 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
secure.adnxs.com — Cisco Umbrella Rank: 764
acdn.adnxs.com — Cisco Umbrella Rank: 961
57 KB
17 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 1075
6 KB
17 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1474
ssc.33across.com — Cisco Umbrella Rank: 7431
lexicon.33across.com — Cisco Umbrella Rank: 2352
8 KB
16 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 12536
sync.adtelligent.com — Cisco Umbrella Rank: 7131
ghb.adtelligent.com — Cisco Umbrella Rank: 9029
7 KB
14 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
analytics.google.com — Cisco Umbrella Rank: 238
www.google.com — Cisco Umbrella Rank: 10 Failed
79 KB
13 mediafuse.com
player.mediafuse.com — Cisco Umbrella Rank: 235048
player.hbmp.mediafuse.com — Cisco Umbrella Rank: 101571
sghb.hbmp.mediafuse.com — Cisco Umbrella Rank: 199418
sync.hbmp.mediafuse.com — Cisco Umbrella Rank: 292982
218 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1162
c3.a-mo.net — Cisco Umbrella Rank: 28901
sync.a-mo.net — Cisco Umbrella Rank: 3188
4 KB
12 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 855
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 744
65 KB
11 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2328
a.ad.gt — Cisco Umbrella Rank: 2521
p.ad.gt — Cisco Umbrella Rank: 2796
ids.ad.gt — Cisco Umbrella Rank: 2348 Failed
pixels.ad.gt — Cisco Umbrella Rank: 2702
74 KB
10 tynt.com
de.tynt.com — Cisco Umbrella Rank: 2349
hde.tynt.com — Cisco Umbrella Rank: 4878
758 B
10 adform.net
cm.adform.net — Cisco Umbrella Rank: 1869
c1.adform.net — Cisco Umbrella Rank: 1001
5 KB
9 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 694
fastlane.rubiconproject.com — Cisco Umbrella Rank: 780
eus.rubiconproject.com — Cisco Umbrella Rank: 948
4 KB
9 media.net
hbx.media.net — Cisco Umbrella Rank: 1864
prebid.media.net — Cisco Umbrella Rank: 1534
5 KB
9 ml314.com
ml314.com — Cisco Umbrella Rank: 3108
in.ml314.com — Cisco Umbrella Rank: 17091
15 KB
8 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 646
2 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1081
1 KB
7 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1853
x.bidswitch.net — Cisco Umbrella Rank: 499
3 KB
7 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 5212
cds.connatix.com — Cisco Umbrella Rank: 5372
capi.connatix.com — Cisco Umbrella Rank: 1317
121 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 1077
7 KB
6 opstag.com
cdn1.opstag.com — Cisco Umbrella Rank: 66268
228 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 944
gum.criteo.com — Cisco Umbrella Rank: 553
mug.criteo.com — Cisco Umbrella Rank: 2813
2 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 505
4 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5708
onesignal.com — Cisco Umbrella Rank: 1415
img.onesignal.com — Cisco Umbrella Rank: 8171
94 KB
6 omeda.com
olytics.omeda.com — Cisco Umbrella Rank: 64390
oqs.omeda.com — Cisco Umbrella Rank: 65380
cdp.omeda.com — Cisco Umbrella Rank: 65235
69 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1897
targeting.unrulymedia.com — Cisco Umbrella Rank: 1255
947 B
4 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2585
4 KB
4 openx.net
os4m-d.openx.net — Cisco Umbrella Rank: 71824
us-u.openx.net — Cisco Umbrella Rank: 864
929 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1228
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
23 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1261
id.crwdcntrl.net — Cisco Umbrella Rank: 4149
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1245
681 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1308
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1642
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1117
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 741
2 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1596
2 KB
3 gstatic.com
fonts.gstatic.com
79 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
258 KB
2 agkn.com
fid.agkn.com — Cisco Umbrella Rank: 3601
1 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 645
2 KB
2 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 4278
public.servenobid.com — Cisco Umbrella Rank: 9571
664 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2501
283 B
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 11202
2 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 2269
1 KB
2 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 7681
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 689
833 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 319
1 KB
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 6589
615 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187
273 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 992
31 KB
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6957
176 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2589
12 KB
1 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 6850
649 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 13279
349 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
435 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
63 B
1 packedbrick.com
packedbrick.com
548 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
0 vidoomy.com Failed
vid.vidoomy.com Failed
0 adpartner.pro Failed
a4p.adpartner.pro Failed
0 paradizeconstruction.com Failed
scada.paradizeconstruction.com Failed
378 66
Domain Requested by
36 stateways.com stateways.com
29 securepubads.g.doubleclick.net stateways.com
securepubads.g.doubleclick.net
olytics.omeda.com
pagead2.googlesyndication.com
24 sync.go.sonobi.com stateways.com
23 pagead2.googlesyndication.com stateways.com
olytics.omeda.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
17 ad.360yield.com 2 redirects player.hbmp.mediafuse.com
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
stateways.com
tpc.googlesyndication.com
14 sync.adtelligent.com stateways.com
player.hbmp.mediafuse.com
12 ib.adnxs.com 6 redirects player.hbmp.mediafuse.com
cdn1.opstag.com
11 ads.pubmatic.com player.hbmp.mediafuse.com
stateways.com
11 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 de.tynt.com 1 redirects player.hbmp.mediafuse.com
9 ssc-cms.33across.com 9 redirects
9 cm.adform.net 7 redirects player.hbmp.mediafuse.com
stateways.com
8 cm.g.doubleclick.net 8 redirects
8 pixel.tapad.com 6 redirects stateways.com
8 prebid.a-mo.net 2 redirects player.hbmp.mediafuse.com
cdn1.opstag.com
8 onetag-sys.com player.hbmp.mediafuse.com
cdn1.opstag.com
8 ml314.com 3 redirects stateways.com
ml314.com
7 fastlane.rubiconproject.com player.hbmp.mediafuse.com
7 ssc.33across.com player.hbmp.mediafuse.com
7 hbx.media.net 7 redirects
6 bh.contextweb.com 4 redirects stateways.com
6 x.bidswitch.net 6 redirects
6 cdn1.opstag.com securepubads.g.doubleclick.net
cdn1.opstag.com
6 match.adsrvr.org 6 redirects
5 sync.hbmp.mediafuse.com player.hbmp.mediafuse.com
stateways.com
4 id.a-mx.com 2 redirects stateways.com
4 capi.connatix.com 2 redirects stateways.com
4 acdn.adnxs.com player.hbmp.mediafuse.com
cdn1.opstag.com
4 pubads.g.doubleclick.net 2 redirects stateways.com
4 apex.go.sonobi.com player.hbmp.mediafuse.com
cdn1.opstag.com
4 targeting.unrulymedia.com player.hbmp.mediafuse.com
4 ids.ad.gt stateways.com
4 ap.lijit.com 2 redirects cdn1.opstag.com
4 sghb.hbmp.mediafuse.com player.hbmp.mediafuse.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 sync.srv.stackadapt.com 3 redirects
3 p.rfihub.com 3 redirects
3 sync.mathtag.com 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 secure.adnxs.com 3 redirects
3 sync.1rx.io 3 redirects
3 id.hadron.ad.gt player.hbmp.mediafuse.com
id.hadron.ad.gt
3 onesignal.com cdn.onesignal.com
3 ps.eyeota.net 2 redirects stateways.com
3 sync.crwdcntrl.net 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com stateways.com
www.googletagmanager.com
p.ad.gt
2 us-u.openx.net cdn1.opstag.com
2 sync.a-mo.net cdn1.opstag.com
2 fid.agkn.com cdn1.opstag.com
2 c3.a-mo.net 2 redirects
2 id5-sync.com player.hbmp.mediafuse.com
2 mug.criteo.com stateways.com
2 gum.criteo.com 1 redirects
2 os4m-d.openx.net cdn1.opstag.com
2 www.google.com securepubads.g.doubleclick.net
stateways.com
tpc.googlesyndication.com
2 ssp.disqus.com player.hbmp.mediafuse.com
2 pbjs.e-planning.net 1 redirects stateways.com
2 prebid.media.net player.hbmp.mediafuse.com
2 bidder.criteo.com player.hbmp.mediafuse.com
2 cdp.omeda.com olytics.omeda.com
2 sync.smartadserver.com 1 redirects stateways.com
2 s.console.adtarget.com.tr player.hbmp.mediafuse.com
2 a.ad.gt player.hbmp.mediafuse.com
p.ad.gt
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 edcf82e9dbcf1afc5a902539b7f89375.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 idsync.rlcdn.com 2 redirects
2 dpm.demdex.net 1 redirects stateways.com
2 player.hbmp.mediafuse.com player.mediafuse.com
2 cds.connatix.com cd.connatix.com
cds.connatix.com
2 oqs.omeda.com olytics.omeda.com
2 player.mediafuse.com stateways.com
2 cdn.onesignal.com stateways.com
cdn.onesignal.com
2 olytics.omeda.com stateways.com
1 server.cpmstar.com 1 redirects
1 c1.adform.net 1 redirects
1 lb.eu-1-id5-sync.com player.hbmp.mediafuse.com
1 public.servenobid.com player.hbmp.mediafuse.com
1 eus.rubiconproject.com player.hbmp.mediafuse.com
1 id.crwdcntrl.net player.hbmp.mediafuse.com
1 lexicon.33across.com player.hbmp.mediafuse.com
1 55fc0190636101f28c351aa6ef11839f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 7303771b427aeebf627ec533e290a648.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 static.criteo.net player.hbmp.mediafuse.com
1 ghb.adtelligent.com player.hbmp.mediafuse.com
1 ads.servenobid.com player.hbmp.mediafuse.com
1 prebid-eu.creativecdn.com player.hbmp.mediafuse.com
1 grid.bidswitch.net player.hbmp.mediafuse.com
1 hbopenbid.pubmatic.com player.hbmp.mediafuse.com
1 pixels.ad.gt p.ad.gt
1 token.rubiconproject.com stateways.com
1 p.ad.gt a.ad.gt
1 cdn.hadronid.net a.ad.gt
1 img.onesignal.com stateways.com
1 cm-x.mgid.com 1 redirects
1 t.trafmag.com stateways.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 hde.tynt.com player.hbmp.mediafuse.com
1 player.adtelligent.com player.hbmp.mediafuse.com
1 www.google.ca stateways.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 in.ml314.com ml314.com
1 packedbrick.com stateways.com
1 cd.connatix.com stateways.com
1 fonts.googleapis.com stateways.com
1 www.stateways.com 1 redirects
0 s.amazon-adsystem.com Failed stateways.com
0 vid.vidoomy.com Failed stateways.com
0 a4p.adpartner.pro Failed stateways.com
0 scada.paradizeconstruction.com Failed packedbrick.com
378 113
Subject Issuer Validity Valid
stateways.com
E6
2024-07-20 -
2024-10-18
3 months crt.sh
upload.video.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.google-analytics.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.g.doubleclick.net
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.omeda.com
SSL.com RSA SSL subCA
2024-06-05 -
2025-06-16
a year crt.sh
onesignal.com
WE1
2024-07-29 -
2024-10-27
3 months crt.sh
player.mediafuse.com
R10
2024-07-08 -
2024-10-06
3 months crt.sh
event-horizon.gcp.bomm.in
WR3
2024-06-23 -
2024-09-21
3 months crt.sh
connatix.com
WE1
2024-06-27 -
2024-09-25
3 months crt.sh
packedbrick.com
R11
2024-07-22 -
2024-10-20
3 months crt.sh
*.gstatic.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.ml314.com
Amazon RSA 2048 M02
2023-10-16 -
2024-11-12
a year crt.sh
player.hbmp.mediafuse.com
R11
2024-07-29 -
2024-10-27
3 months crt.sh
*.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.google.ca
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
player.adtelligent.com
R10
2024-07-12 -
2024-10-10
3 months crt.sh
sghb.hbmp.mediafuse.com
ZeroSSL ECC Domain Secure Site CA
2024-07-21 -
2024-10-19
3 months crt.sh
id.hadron.ad.gt
WE1
2024-07-23 -
2024-10-21
3 months crt.sh
a.ad.gt
E6
2024-06-09 -
2024-09-07
3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-05-27 -
2025-06-18
a year crt.sh
sync.hbmp.mediafuse.com
ZeroSSL ECC Domain Secure Site CA
2024-06-25 -
2024-09-23
3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA
2024-07-16 -
2024-10-14
3 months crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-23 -
2025-01-29
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-05 -
2024-09-30
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA
2024-06-11 -
2025-06-11
a year crt.sh
hadronid.net
WE1
2024-07-27 -
2024-10-25
3 months crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3
2023-11-09 -
2024-11-07
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
pixels.ad.gt
WE1
2024-07-08 -
2024-10-06
3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2024-04-30 -
2025-05-31
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2023-12-07 -
2025-01-07
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-18 -
2024-09-17
3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-16 -
2024-10-16
3 months crt.sh
*.360yield.com
Amazon RSA 2048 M02
2024-06-15 -
2025-07-14
a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2024-04-05 -
2025-04-30
a year crt.sh
prebid.media.net
WR3
2024-06-13 -
2024-09-11
3 months crt.sh
*.a-mo.net
R11
2024-07-04 -
2024-10-02
3 months crt.sh
ssp.disqus.com
Amazon RSA 2048 M03
2023-10-21 -
2024-11-17
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
ssc.33across.com
WR3
2024-06-17 -
2024-09-15
3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-27
a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2024-07-26 -
2024-10-24
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.opstag.com
Amazon RSA 2048 M03
2024-07-28 -
2025-08-25
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.lijit.com
Amazon RSA 2048 M03
2024-02-11 -
2025-03-12
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-27 -
2024-09-24
3 months crt.sh
lexicon.33across.com
WR3
2024-07-11 -
2024-10-09
3 months crt.sh
*.id5-sync.com
E6
2024-07-01 -
2024-09-29
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2024-07-17 -
2024-10-15
3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02
2023-12-08 -
2025-01-05
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2023-08-24 -
2024-08-24
a year crt.sh
*.eu-1-id5-sync.com
R10
2024-07-01 -
2024-09-29
3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh

This page contains 77 frames:

Primary Page: https://stateways.com/
Frame ID: 6DF8006B6632BA16B541C2A29EB8E5D4
Requests: 202 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.player.js?cid=1ce017e4-3e88-40e9-be14-87b8fc33467a?pid=ab0ea6d5-1668-44a2-8b94-40296964a7ce
Frame ID: A0E17F4F806B9854FE420254C6E54D65
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: AB13FE34AD77675EC11D7876236F4DF1
Requests: 1 HTTP requests in this frame

Frame: https://edcf82e9dbcf1afc5a902539b7f89375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D9A7CCFC480DBB04D87A22B66C6F147A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240725/r20110914/zrt_lookup_fy2021.html
Frame ID: 455AA0A26F2FE1D8E6FDEDE8A9309E6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-5246894506201742&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1722357539&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fstateways.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=27_9~30_19&aiixl=27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722357539279&bpp=5&bdt=527&idt=498&shv=r20240725&mjsv=m202407250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=312571362918&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31085665%2C44795921%2C95331688%2C95334526%2C95334828%2C95337868%2C31084185%2C95339224%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2955668029726201&tmod=2097165186&uas=0&nvt=1&fsapi=1&fc=1920&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=525
Frame ID: 2B98E8CD23B115235CCBF17D19CD9F14
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D764710%26a%3D743293%26extuid%3D%24UID
Frame ID: 9B42C3A1636FA8EC1BD96AF5B5159F2E
Requests: 1 HTTP requests in this frame

Frame: https://sync.hbmp.mediafuse.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=764727&a=754412&extuid=3653591411978364000V10
Frame ID: 8900B0C8C16CC200C7BE0132709B2CEA
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=748067
Frame ID: 6E5D9D4E870A0FB3194CCC65B4CC7413
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: B875572B4142B38DA66142112D2F47B3
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26extuid%3D33XUSERID33X&b=1
Frame ID: 76BB54AEB57A8FFC44B53524D6FEFDC8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26extuid%3D
Frame ID: B65DAC4D4E74173CEFD8BA8ED16B22DF
Requests: 1 HTTP requests in this frame

Frame: https://edcf82e9dbcf1afc5a902539b7f89375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 883771F94B740EC43FFB1FE85DD2B518
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmdnVVarmZe_pEPMskHrJyJIhJemE2eI9HavHD_T3JhLCbgw2PZWelTvfbPsWU4_4RotVTS-62IltgVB9u9cH0BCyGOCCFwPda_HW0IL1ZPseJ3BuZZmYGt72TDwwZjM1nJtpmfqDwLNsuOfOWsRuyWu3ADWFFcJaDWMJnP7OCA9frQkD5lkQgN8KKc66hQPGf6ZGKn1vE1t4C7lJLP84tACLZi3UuFdckqUTD7T1AtaUqCMczDms6DG8icvUbzUa0IQEzTXzf9WvMGzpfg6eMcaDcymDlnJNAZdYZqtlTZ_CMMOEF-_NBr5DYPH_VENTqROffi37k-E9cJ0v3Dt4&sai=AMfl-YQr-YTokhMvcEXj4sEyq1lEo7gt9qoudZlW2h-L54f25pA4KLg6Fb10WTLXnYWPTNQ1z4iGcTNT5gMJUyMd8Wp-2tfdU41pKMbDl3PXpQ0lstuSfEPk6shqz19gFkc&sig=Cg0ArKJSzOAgT_ysl4DvEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 88FC2C2CDE6AD07DEDD39D67A5E5FA59
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4BCdUgyayq3xLzm1Vbc-2Ab7KDSvFcMaqjfD9HVlJDrFSS9GaVAcauIUB9SEoJ0HPkaiy_6gx_u20P3hf30i2G58h0fH9R8EdthhQ3POwSpBQRbElg25KTmC-zOkqZFbc7xwKPhCZFATgO5J-WENEJ8bHzC0-rAV3CRRR1kuEX-1RvwVrbs2x386CP8ydJvOaoHMBZ_945h2yu-Ip2W8JPeLiMJmXej8WOQXavOYaN42UKEUmLTwSKanx7Q--86LAS3iRlPTDTj9BZ_B5hwtVAjBD66OispP6xqJflYaKsyrK9hCiBstoLyc6gqbD9kNcWhX7nLon3AYuA_6Cy7679n4&sai=AMfl-YQQuBGCove5idG6MoJ7sRfCIMJy4zwk9qsNQB711c1tLEEKr4b7WWg0X-v4xYyu5Sz-2wbTa5HdRde9YrH64_6UvOtGPXuzkfOa6uzWloecMgrflxNmYPySp20ml7Y&sig=Cg0ArKJSzKxbH2x7L4flEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E7234792DDAEA51B84C144B7B7B4DFD1
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1IDkxUZAXxs5yt-b4AFj3nj3fUT2HADP0MYIZx3RADQNeTxVo9cQ4tXOFRvZgx_pBV8eYSM4PEobZmU-HI0j-8xkFbkOCpfRWlxgKyoKdL7yH4YGAJ-DZwZbDT3rcDZFXamvyFrcSx3tSy39XVXX6wDv2FVb9rAWVUED2CAbLamnP94TzxzXWraoarRW_OS4LQHuh-I5tY5FVW_-swnJD9mXVla90F8aX8FPx72JyDs56VLHBjvPD2chPw4PlUTK8a-498DxTL-_tWZN7pa1K5Y5MCwrgPotQ6SDPZNzGM-lAO3wQAEYRFVxVswVaL4GIuLttNJH09eToM9u9MGnL1i6B9yZ4gZohfAaGAtB9rOeZXdcBMt7T9gQ6&sai=AMfl-YRx9a1KrDEvvX9e79Mi7a-LWJ9GCxJkjKFnN0W6SvJcNXD_9RG89yCQHW6Dy9ZKIcCvNY5XmDYeBCQ7ZTCAUIQz9c62CFBcGa2aGvc7eqQs-guCmp7LuGrfDyfKDYs&sig=Cg0ArKJSzFUdgvEHDhhtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 526580BDC68574D11383A267B42584D7
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZsRPoGHUrHMPnKnZDJw2wAe8axLphvLHKNmIAi7uT9etkIevQfQjuKNpYHz3I9vDCn9RF8qxU1kmQtJDXol9WkdzgcJFlmkWUdZIZ1BD3Vlb37NFfB5XnchfG8Nze63VLpzYnkZFIRw4OGwFKkSrKeuQSrTDipntyqS20iquyWUIoPC3qHS4nb_ewQ3cHJTX607I7tSNmS7lBQftYlHW8h02sLcgnRTNfffHaBi1MbAc1b3z5jGA1pkxMlCQBpmgPvPOCLE2RMv9R2KhVO59c9ITCCOeeIzkRrxAsc75IMXBosag8sgDszJUt8fbYGUWvaa_F7Tmpe-3DGpL7FB8&sai=AMfl-YTcRo4yW5A0H28lXsuWdx4VPEnNAIA_ed5VsDYILXn1qd8KWeNGrXs-C53x9x1NGT2WBmBPVO15IBhqpNaJZ2nxBlEiLq7Nd0aCQvGF2HEDFtTFf3G-pEUTy_cMHUg&sig=Cg0ArKJSzMTol2r9IJJYEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 36C6D1516FB3BE0F723441B3893F3669
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss--wKefIsYEZ46m-WaI_W0C7T8dzGc_8-DShY1wWbSUoXLvnJHFz3OWEY3ENKsUnrtuXNAk3gIPdqu2Lo6miuYAVlgbJRJOEvILVA8rSZlqOHXBOkbXZCoxx95spnlw1tn2sFEcz1XyUm_-UUmBTgrZWOToORub9XV_kk1X1XiIBEEI8aIDdC5mLQx6swBkhMcAQekE6kmT2SiZZsvmE60lncprHUFXhQdpl2OkwuIrIhTfEgn5aPP8OCbh9frI4sAG_SXNTnD1kOCgamoRxOn4kl7OHYpGnDhahojEopjy7QaZ7JvfQL0aQ9P3e83_4wluBgoFkIiBqFoWM0fNemsLdGUqvn9cncvZSs-yHrC1kBLomQRsA62wgmT&sai=AMfl-YSOI4QCBDM9s-V5mlkyUyTjrt6llNj3CAN5XSMBqVpltorYQAN8jWlz7_MOeLbXHR-xpna8HQaQsmgBuiJQb-cs1YXs7oI52r1nK388kvUUYnqinLzmNAPUKlwtuhE&sig=Cg0ArKJSzE8VJ8Ax--kzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 1520046EA6485107BC4E024A89BE5645
Requests: 7 HTTP requests in this frame

Frame: https://cdn1.opstag.com/14191/prebid.js
Frame ID: 52A067253F8E1F65699D0F4137B1E6F2
Requests: 26 HTTP requests in this frame

Frame: https://cdn1.opstag.com/14193/prebid.js
Frame ID: 9C323C7871EC1432A8F1D848E3C59BE5
Requests: 26 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 949A8BD60DF77AB2E3BD11C2F08F9907
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 4E3108F90FD999E5D26D0DCF7C9B45E2
Requests: 1 HTTP requests in this frame

Frame: https://7303771b427aeebf627ec533e290a648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: ED71A874C854DDB4CB9D536A9A5B47AE
Requests: 1 HTTP requests in this frame

Frame: https://55fc0190636101f28c351aa6ef11839f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 79AB75590CBEEDAAAFB0A9E50B55BD52
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrt2wew1pOpFRJI0eVitinde9C4-a2L04jHyiNaAvD-1FkV7_X8B5CCXwTWNfjvRn_YYidm52dCyUO7dygdVD37F4Hzc3fJmLMHK2ZRmwSoghQbpHuTmEaESfhIjmtwtlFasfQTjvUs4T-8hneBAE6W0ye5jHPL1AKJq_bMQ8zYXqRHnuiF2_ZXKs3mUXp27hGmIgtxPB-Ji-Llkt5KS6cGYxcgEzHtdSp3DVcKcCcZ7XuL5QslTso7cQOCftSTdtp9KVwxyfJcjQJfuvP36QF0tbkK-ApChj2ky845uJxxIra0xfNhMKNaMQdwJgE_1FxQmP1-etpI91F8aX07Qs0ZLotmjyS8ippSla8F2VoCG06OFZck6DqjtshjvemaQM-amz-DnmqZMoobJ74HqW83zQGhg&sai=AMfl-YTB6la66rfawvLQnWviK-sSvHDv5aLDqZm0tclikcx6nS7rwKbKCfQtpRNqcz0CS-AXTFgPrDaTVdzn-MhwPyyJ1uQ8SvCJrieLRA-Y1s_6z66SqEK4oh3WXhC3tPc&sig=Cg0ArKJSzNQD58_2yGbLEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: B7630915E816A56AE8BCEC7C988E0345
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E600D7D2D0002E4BC57EB757C2D16857
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5DAFB24C3D2EA85CC90412C50E010FBC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DAC16D9023F5974E5C0FDB51E91C2F6B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 597638FC7B4F10C7F23CAA812F480282
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYUaKc399rgLdORCcw6meEtoYRIDUipHFdD3M1rwwpQVELf9pS4cEBpCv4PgQrXzmoEqSOhwup9rcGHgOFXKscfTM8EgLPJ5uhdDIqB8z1ZnvX8FB-Y3lNKcoze9WgBs6ZrAc7FLcL3REnaDtIgEjDwcJ4qyOodX6h8S3gPtNY2ldmpfwR2ltXKF_1ChfE6CZwCR_0sCQnlnwXT4JaS1jeCndZuApBoD5gQ0ZwVxagcRg2TQB0UJ4QVtsIDQJJWIf2_NleXWvnudnWc1-ConCKUO7aiAxdIxKiiMFXc_XQjt9NRo1BS8OJlxe2rkLhFZgUjZ7ssTGI-8w1KchKyPWn9sro_BXXc4Y5fNhqY7QRrOT5kyG2zNwOsM0_8ne9PXkYNaXGh_l7E9Jnp-JBnUknGXrh9g&sai=AMfl-YQ2vVu7vek_NCg4n3SfTudTdNpuyMvd_mvKXVnpDTyGd-8qw9Y5FavZiFeNdJ5asMjR08PlUpAh1Js3THJhKqJpeJDKGARSSC9BBgjYiFI6tO_34pnn1t4Rtg7I31A&sig=Cg0ArKJSzNqAN0SqJG0gEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7C96AF705BC86FC86EE9CF42A9165F8B
Requests: 8 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779B&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Frame ID: F8EABA0D7D6250C5CF635002ED5882E8
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D877A1&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Frame ID: 0455355B67E2DDAB5D693A246228486C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Frame ID: 99F72327AF197669465EFDF091EF53C1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&us_privacy=1---
Frame ID: F7655D024F3DF4473412D22AD303E3B9
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 14642E374D9FDB456FF7BE3847BD1863
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 0B438A7CC53D8725B5973CD3D8C59C80
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html?usp_consent=1---
Frame ID: DCBF4E8457DA5AB54B9D5598EF290976
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779C%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Frame ID: DD63D5775A4946F31C332F03E922134A
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779E&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Frame ID: 8C6F439E8B572161A46F3941214C4F9F
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Frame ID: EA23F92EB57CA71E980AF5836F935129
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Frame ID: C70B342BB906E9CEAEB4ADA97A4323B2
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Frame ID: 2816449C9D6DEE92A5AAB7CF03209D21
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D87797&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Frame ID: EA3F505B06E2722364346E930B0205E8
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779D&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Frame ID: 8AD16157B278C9EDEF3B000D5F7C1263
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779C&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Frame ID: 1D6615A36D5AF7C259817DF39A985274
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 152451B9D25AD672AE3D788440E26410
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=b-64TSyTCr7RPcrkHcnnVW&gdpr_consent=undefined&us_privacy=1---&gpp=&gpp_sid=
Frame ID: B374E147BC3F53A01D40C7E634EC7EAE
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 7D880179297510E31C44803548420BED
Requests: 1 HTTP requests in this frame

Frame: https://ssp.disqus.com/sync?type=iframe&us_privacy=1---
Frame ID: AC193A8EF4B1FE818C5BEDF9B3F6C302
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Frame ID: B44B7890752E9615E82C02FBFCB8CFF4
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Frame ID: 6F6C41F6EFA33654CBC41740542604F0
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779B&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Frame ID: 8E4E1777E335AD88D18C4800C07B0349
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D877A0&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Frame ID: 6FC1E52E7AC446B95CABF20C8912C00A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6CF109A8BD992E27745724E4FC3AEF74
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D877A0&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Frame ID: 9A8393760217A29CD632531B1C07BDBB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E329A5021C50858956AD34E22AAF240A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Frame ID: 779245CAB19B6C9FF3AE651FD068C943
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=748067
Frame ID: EA570DF26B234801571E5691C320426C
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Frame ID: 6E301D30B2ADC59634AC4209A6B9EF4D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D877A1&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Frame ID: 9634239C0E8A814E90936A9ECFAD5E61
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Frame ID: F45CA177B0BB1105D6CC3957B8D66BD7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Frame ID: 98305C1A211D6632AEF68AB98658F2C4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779C%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Frame ID: 1A9984E163BEF3F3BAE05CDFA6E764C2
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Frame ID: 4A07273CDFCDA14456F8EFC8FE8BC590
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779E&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Frame ID: A5884A8A1FC6FA3B7BAD1290228FA2C6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Frame ID: F62B4542F7EBA07C73E91D4EEB440C2B
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779D&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Frame ID: 4625F35777397EF7478C7206B9E89CC4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1722357540642&us_privacy=1---
Frame ID: 43933102C3E992E6A87861FF80889943
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D87797&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Frame ID: 7FE3F71544BC0C7E8C937910FBF74759
Requests: 1 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=Ct4BSg1zdGF0ZXdheXMuY29tUgthYXMtZjkwYjRhMloIcGJhMS4zLjFqDXN0YXRld2F5cy5jb236AQU3LjMuMOgCAYgDpK6ktQaoA13qAyRmNDNiYWZiOC0wNDU1LTQ2YzYtYmE3Zi0xY2MwYzQwNTZlZDGiBBZodHRwczovL3N0YXRld2F5cy5jb20vqgQDRENIsgUDVVNE6gUHZGVza3RvcPoFA255NcAGAMgGAaoHA3dlYsoHDXN0YXRld2F5cy5jb23gBwGCCA1zdGF0ZXdheXMuY29tiggGY2hyb21l
Frame ID: 625F2035E51822C4611E4F905EA583BE
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Frame ID: BF34E231A3B40972C99D506585E4BE9D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EC08E0E2ED4B97A123978AD6C13968F0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1722357542467&gdpr=0
Frame ID: 728CB368CC1DB5EC2CBAEBA981CB5804
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1C14FA191A4E6FE0E42AB107F0D93A7D
Requests: 1 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=Ct4BSg1zdGF0ZXdheXMuY29tUgthYXMtZjkwYjRhMloIcGJhMS4zLjFqDXN0YXRld2F5cy5jb236AQU3LjMuMOgCAYgDpK6ktQaoA13qAyQxZWU4ZWU0ZS04MGU4LTQ2ZWQtOGI4ZS1hNTNlMDRiNzAzMmaiBBZodHRwczovL3N0YXRld2F5cy5jb20vqgQDRENIsgUDVVNE6gUHZGVza3RvcPoFA255NcAGAMgGAaoHA3dlYsoHDXN0YXRld2F5cy5jb23gBwGCCA1zdGF0ZXdheXMuY29tiggGY2hyb21l
Frame ID: 6CCF8B08A4B11536D18BEC6D94251062
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1722357542481&gdpr=0
Frame ID: EC5481DACE34E8EA85748BED3E3689E8
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Frame ID: 76BB50CA38DF768ECC222A105D98BF09
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

StateWays

Page URL History Show full URLs

  1. http://www.stateways.com/ HTTP 307
    https://www.stateways.com/ HTTP 301
    https://stateways.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

378
Requests

81 %
HTTPS

19 %
IPv6

66
Domains

113
Subdomains

84
IPs

7
Countries

2833 kB
Transfer

11059 kB
Size

278
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.stateways.com/ HTTP 307
    https://www.stateways.com/ HTTP 301
    https://stateways.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3645941671896023053&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3645941671896023053&redir=
Request Chain 55
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3645941671896023053 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0NTk0MTY3MTg5NjAyMzA1MxAAGg0Io66ktQYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=c60a2ff37e02529c8c92ca8fbdf0b815a8601171b25a3f2a51d703f41e9eef6df4cb09cee1a4f8eb&person_id=3645941671896023053&eid=50082
Request Chain 56
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&gdpr=0&gdpr_consent= HTTP 302
  • https://ml314.com/csync.ashx?fp=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&person_id=3645941671896023053&eid=53819
Request Chain 57
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3645941671896023053 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3645941671896023053 HTTP 302
  • https://ml314.com/csync.ashx?fp=896960a3c1f35759aa78b9cbc9376462&eid=50146&person_id=3645941671896023053
Request Chain 58
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=26dfRwn3QK40-p-zGrRbnG7EqyH3r57TXHP_zBQ0cnWM&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ml314.com/csync.ashx?fp=26dfRwn3QK40-p-zGrRbnG7EqyH3r57TXHP_zBQ0cnWM&person_id=3645941671896023053&eid=50052&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Request Chain 89
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent=undefined&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D142%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D764727%26a%3D754412%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.hbmp.mediafuse.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=764727&a=754412&extuid=3653591411978364000V10
Request Chain 92
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26extuid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26extuid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26extuid%3D33XUSERID33X&b=1
Request Chain 94
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1722357543482 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3885502876 HTTP 302
  • https://sync.1rx.io/usersync/turn/8027953497467205434?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3614bb3f-8da6-4ddc-9929-e5ff06f0aa70-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-3614bb3f-8da6-4ddc-9929-e5ff06f0aa70-005 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-3614bb3f-8da6-4ddc-9929-e5ff06f0aa70-005
Request Chain 96
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D13%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D675886%26a%3D310570%26extuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D13%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D675886%26a%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.hbmp.mediafuse.com/csync?t=g&ep=13&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=675886&a=310570&extuid=JFBnALZHRlM3M8mzQvOkr1VW
Request Chain 97
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D32%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D764726%26a%3D751004%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.hbmp.mediafuse.com%252Fcsync%253Ft%253Dg%2526ep%253D32%2526traffic_source%253Dsnippet%2526session%253D41E6F54D08D7BD0D%2526sp%253D852559%2526pb%253D753264%2526c%253D764726%2526a%253D751004%2526extuid%253D%2524UID HTTP 302
  • https://sync.hbmp.mediafuse.com/csync?t=g&ep=32&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=764726&a=751004&extuid=6265193920769722573
Request Chain 98
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D737%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D764723%26a%3D310531%26extuid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F13253%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50041293-bec2-457f-8935-69542820b2b3%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLmhibXAubWVkaWFmdXNlLmNvbS9jc3luYz90PWcmZXA9NzM3JnRyYWZmaWNfc291cmNlPXNuaXBwZXQmc2Vzc2lvbj00MUU2RjU0RDA4RDdCRDBEJnNwPTg1MjU1OSZwYj03NTMyNjQmYz03NjQ3MjMmYT0zMTA1MzEmZXh0dWlkPQ%253D%253D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F13253%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D50041293-bec2-457f-8935-69542820b2b3%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9zeW5jLmhibXAubWVkaWFmdXNlLmNvbS9jc3luYz90PWcmZXA9NzM3JnRyYWZmaWNfc291cmNlPXNuaXBwZXQmc2Vzc2lvbj00MUU2RjU0RDA4RDdCRDBEJnNwPTg1MjU1OSZwYj03NTMyNjQmYz03NjQ3MjMmYT0zMTA1MzEmZXh0dWlkPQ%25253D%25253D%2526uid%253D%2524UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/13253?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=50041293-bec2-457f-8935-69542820b2b3&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLmhibXAubWVkaWFmdXNlLmNvbS9jc3luYz90PWcmZXA9NzM3JnRyYWZmaWNfc291cmNlPXNuaXBwZXQmc2Vzc2lvbj00MUU2RjU0RDA4RDdCRDBEJnNwPTg1MjU1OSZwYj03NTMyNjQmYz03NjQ3MjMmYT0zMTA1MzEmZXh0dWlkPQ%3D%3D&uid=3238787195262500200 HTTP 302
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F13253%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50041293-bec2-457f-8935-69542820b2b3%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zeW5jLmhibXAubWVkaWFmdXNlLmNvbS9jc3luYz90PWcmZXA9NzM3JnRyYWZmaWNfc291cmNlPXNuaXBwZXQmc2Vzc2lvbj00MUU2RjU0RDA4RDdCRDBEJnNwPTg1MjU1OSZwYj03NTMyNjQmYz03NjQ3MjMmYT0zMTA1MzEmZXh0dWlkPQ%253D%253D%26uid%3D%24UID
Request Chain 101
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D32%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D765041%26a%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.hbmp.mediafuse.com%252Fcsync%253Ft%253Dg%2526ep%253D32%2526traffic_source%253Dsnippet%2526session%253D41E6F54D08D7BD0D%2526sp%253D852559%2526pb%253D753264%2526c%253D765041%2526a%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.hbmp.mediafuse.com/csync?t=g&ep=32&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=765041&a=297253&extuid=7473332277637949819
Request Chain 102
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D358%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D765043%26a%3D753378%26extuid%3D%5BUID%5D HTTP 302
  • https://sync.hbmp.mediafuse.com/csync?t=g&ep=358&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=765043&a=753378&extuid=3a994da8-1171-4683-928a-3bdfca61ef5c
Request Chain 107
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722357540-JE1548LB-EP77&adnxs_id=$UID&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722357540-JE1548LB-EP77&adnxs_id=7473332277637949819&gdpr=0
Request Chain 108
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001722357540-JE1548LB-EP77&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&id=AU1D-0100-001722357540-JE1548LB-EP77
Request Chain 109
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001722357540-JE1548LB-EP77 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=CDBFB85C-5355-4674-AB0B-169E3223272E&id=AU1D-0100-001722357540-JE1548LB-EP77
Request Chain 111
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001722357540-JE1548LB-EP77&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001722357540-JE1548LB-EP77%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001722357540-JE1548LB-EP77&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001722357540-JE1548LB-EP77%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e9f26bca-091c-447e-b953-b9c9df802871%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001722357540-JE1548LB-EP77%252526tapad_id%25253De9f26bca-091c-447e-b953-b9c9df802871%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&ttd_puid=e9f26bca-091c-447e-b953-b9c9df802871%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001722357540-JE1548LB-EP77%2526tapad_id%253De9f26bca-091c-447e-b953-b9c9df802871%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001722357540-JE1548LB-EP77&tapad_id=e9f26bca-091c-447e-b953-b9c9df802871
Request Chain 112
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001722357540-JE1548LB-EP77 HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001722357540-JE1548LB-EP77&google_gid=CAESEAhr9_puJzrGs5tndBgoIjI&google_cver=1&google_ula=450542624,0
Request Chain 114
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001722357540-JE1548LB-EP77%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001722357540-JE1548LB-EP77&sas_uid=[sas_uid]&gdpr=0&cklb=1
Request Chain 115
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001722357540-JE1548LB-EP77%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001722357540-JE1548LB-EP77%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001722357540-JE1548LB-EP77&impr_uid=622f994f-1ae9-4ccf-9678-5ee2b099735f
Request Chain 116
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001722357540-JE1548LB-EP77 HTTP 302
  • https://ids.ad.gt/api/v1/amo_match?turn_id=8027953497467205434&id=AU1D-0100-001722357540-JE1548LB-EP77
Request Chain 154
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/stateways.com/ROS?rnd=0.6758751991897949&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B728x90_2%3A728x90%2B728x90_3%3A728x90%2B300x250_0%3A300x250%2C300x600%2C160x600%2B300x250_1%3A300x250%2C300x600%2C160x600%2B300x250_2%3A300x250%2C300x600%2C160x600&ur=https%3A%2F%2Fstateways.com%2F&pbv=8.52.0&ncb=1&vs=FFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fstateways.com%2F&ccpa=1---&e_pubcid=3709492c-5aa9-45a9-b73b-e67aea32f2e0 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/stateways.com/ROS?ct=1&r=pbjs&rnd=0.6758751991897949&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B728x90_2%3A728x90%2B728x90_3%3A728x90%2B300x250_0%3A300x250%2C300x600%2C160x600%2B300x250_1%3A300x250%2C300x600%2C160x600%2B300x250_2%3A300x250%2C300x600%2C160x600&ur=https%3A%2F%2Fstateways.com%2F&pbv=8.52.0&ncb=1&vs=FFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fstateways.com%2F&ccpa=1---&e_pubcid=3709492c-5aa9-45a9-b73b-e67aea32f2e0
Request Chain 227
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14191-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5802023959 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14191-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5802023959&pre=1
Request Chain 231
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14193-300x250-activefill-mobile-pixel&sz=1x1&t=&c=5802026350 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14193-300x250-activefill-mobile-pixel&sz=1x1&t=&c=5802026350&pre=1
Request Chain 298
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fstateways.com%2F&domain=stateways.com&cw=1&pbt=1&lsw=1&us_privacy=1--- HTTP 302
  • https://mug.criteo.com/sid?cpp=GCTQQHxVY3NaL2Jjb0ZZQ2p2M05ZU3F5WFZZamtBaU44ekh1d29iSDhkcHJBNkRBMGR0WTQ5UzZKZVRKRGdyeGtrT3ZxQ3FwMmovZkYxRFVhckt2bUt3bUk5Z0d5dmlJSEl0VEdpTUhweGpsbG5hUjNQcEJtWTYvTVBBMVlFcFhVM05INEFpQy9SMXMzRVJOSWlGdEJyNUdxSHZPKzRBTW0xVm00V2g0TE5HMmUvNEE3dWhxelVtN3pVd2dLWGFwRGlCcU5TdjExM0JFNjdjRDc0RHFSMjBUOHJ1TUROYTkxZkRIcHpBbXdvYWNEWS9RdCs5SjNWb24xTjNNZ3FZemVxUUtufA&cppv=2
Request Chain 301
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D142%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D852559%26pb%3D753264%26c%3D764727%26a%3D754412%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779B&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Request Chain 302
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D852559%26pb%3D753264%26c%3D764710%26a%3D743293%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D877A1&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Request Chain 308
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779C%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779C%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Request Chain 309
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D852559%26pb%3D753264%26c%3D764710%26a%3D743293%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779E&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Request Chain 310
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Request Chain 312
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Request Chain 313
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D142%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D852559%26pb%3D753264%26c%3D764727%26a%3D754412%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D87797&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Request Chain 314
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D142%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D852559%26pb%3D753264%26c%3D764727%26a%3D754412%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779D&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Request Chain 315
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779C%26sp%3D852559%26pb%3D753264%26c%3D764710%26a%3D743293%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779C&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Request Chain 317
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=b-64TSyTCr7RPcrkHcnnVW&gdpr_consent=undefined&us_privacy=1---&gpp=&gpp_sid= HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=b-64TSyTCr7RPcrkHcnnVW&gdpr_consent=undefined&us_privacy=1---&gpp=&gpp_sid=
Request Chain 321
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Request Chain 322
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D852559%26pb%3D753264%26c%3D764710%26a%3D743293%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779B&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Request Chain 323
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D852559%26pb%3D753264%26c%3D764710%26a%3D743293%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D877A0&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Request Chain 325
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D142%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D852559%26pb%3D753264%26c%3D764727%26a%3D754412%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D877A0&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Request Chain 329
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Request Chain 330
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D142%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D852559%26pb%3D753264%26c%3D764727%26a%3D754412%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D877A1&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Request Chain 331
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Request Chain 334
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Request Chain 335
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D142%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D852559%26pb%3D753264%26c%3D764727%26a%3D754412%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779E&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Request Chain 337
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D852559%26pb%3D753264%26c%3D764710%26a%3D743293%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779D&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Request Chain 339
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D852559%26pb%3D753264%26c%3D764710%26a%3D743293%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D87797&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Request Chain 341
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553%26partner_url%3Dhttps%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dbs%2526nuid%253D86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
Request Chain 342
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
Request Chain 343
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=6188463f-92fe-4ce3-bcbd-d51a2076e407 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De9f26bca-091c-447e-b953-b9c9df802871%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7473332277637949819&pt=e9f26bca-091c-447e-b953-b9c9df802871%2C%2C
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NjE4ODQ2M2YtOTJmZS00Y2UzLWJjYmQtZDUxYTIwNzZlNDA3 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
Request Chain 345
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
Request Chain 346
  • https://capi.connatix.com/us/pixel?puid=931e5b6d-a386-43b6-ba4b-43ab45925c1f&pId=43&gdpr_consent=&callback=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=931e5b6d-a386-43b6-ba4b-43ab45925c1f&pId=43&gdpr_consent=&callback=&us_privacy=&final=true
Request Chain 347
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&google_hm=NWYzYzk1YjQtZTAwMC00ZThhLThlMjAtZjA1N2JhNzBiOTVj&gdpr_consent=&gdpr=0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMaUYdfgy17ncXYPSV_YXkE&google_cver=1&ssp=sonobi&bsw_param=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr_consent=&gdpr=0 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 348
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=931e5b6d-a386-43b6-ba4b-43ab45925c1f HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De9f26bca-091c-447e-b953-b9c9df802871%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7473332277637949819&pt=e9f26bca-091c-447e-b953-b9c9df802871%2C%2C
Request Chain 349
  • https://capi.connatix.com/us/pixel?puid=6188463f-92fe-4ce3-bcbd-d51a2076e407&pId=43&gdpr_consent=&callback=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=6188463f-92fe-4ce3-bcbd-d51a2076e407&pId=43&gdpr_consent=&callback=&us_privacy=&final=true
Request Chain 350
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=931e5b6d-a386-43b6-ba4b-43ab45925c1f&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=WGZoRTh6Sy1SM3NkcXIwa3RQUGhqZw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOBK9zwvkRQDhrsanegV2do&google_cver=1
Request Chain 351
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=6188463f-92fe-4ce3-bcbd-d51a2076e407&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ZVpZNTQ1eEZDWWJHdDFoeEZKTUtwUQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOBK9zwvkRQDhrsanegV2do&google_cver=1
Request Chain 352
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
Request Chain 353
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=db8d61494a&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=db8d61494a
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=OTMxZTViNmQtYTM4Ni00M2I2LWJhNGItNDNhYjQ1OTI1YzFm HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
Request Chain 358
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://stateways.com/&v=7.3.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://c3.a-mo.net/b?uid=5c1ae47c-e45d-4c54-bdd4-f89b5897499d&sh=id.a-mx.com& HTTP 302
  • https://id.a-mx.com/set?oid=5c1ae47c-e45d-4c54-bdd4-f89b5897499d&uid=5c1ae47c-e45d-4c54-bdd4-f89b5897499d&
Request Chain 364
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
Request Chain 365
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=931e5b6d-a386-43b6-ba4b-43ab45925c1f&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=QQD0lfbslgar
Request Chain 366
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=bc2afab5f7&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=bc2afab5f7
Request Chain 367
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
Request Chain 368
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
Request Chain 369
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5222931856105099249&ssp=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=OTMxZTViNmQtYTM4Ni00M2I2LWJhNGItNDNhYjQ1OTI1YzFm HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
Request Chain 371
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
Request Chain 372
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://stateways.com/&v=7.3.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://c3.a-mo.net/b?uid=dbd4dea2-3d82-4ed3-a453-8b33fb4c070d&sh=id.a-mx.com& HTTP 302
  • https://id.a-mx.com/set?oid=dbd4dea2-3d82-4ed3-a453-8b33fb4c070d&uid=dbd4dea2-3d82-4ed3-a453-8b33fb4c070d&
Request Chain 378
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=bc2afab5f7&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=bc2afab5f7
Request Chain 379
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
Request Chain 380
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
Request Chain 381
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=OTMxZTViNmQtYTM4Ni00M2I2LWJhNGItNDNhYjQ1OTI1YzFm HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
Request Chain 382
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
Request Chain 383
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
Request Chain 384
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dsonobi%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=sonobi&user_id=dTpGUHNWaTdHeFJqOVJYb3lvaHNXeTA= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 385
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=931e5b6d-a386-43b6-ba4b-43ab45925c1f&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=QQD0lfbslgar

378 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
stateways.com/
Redirect Chain
  • http://www.stateways.com/
  • https://www.stateways.com/
  • https://stateways.com/
112 KB
23 KB
Document
General
Full URL
https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
c92cede2f2b45aaf01e68d8aa61614fa0460abc47833ff744156f0cca4a5174f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ab6c838a81aaada-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 Jul 2024 16:38:58 GMT
link
<https://stateways.com/wp-json/>; rel="https://api.w.org/" <https://stateways.com/wp-json/wp/v2/pages/5>; rel="alternate"; title="JSON"; type="application/json" <https://stateways.com/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 4
x-cache-group
normal
x-cacheable
SHORT
x-pingback
https://stateways.com/xmlrpc.php
x-powered-by
WP Engine

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ab6c8372ab77117-YYZ
content-type
text/html
date
Tue, 30 Jul 2024 16:38:58 GMT
location
https://stateways.com/
server
cloudflare
wpp.min.js
stateways.com/wp-content/plugins/wordpress-popular-posts/assets/js/
4 KB
2 KB
Script
General
Full URL
https://stateways.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
115b63c2b73bc1f032ec2fab7ddf08e1ca129a04beef0f6a541c7d46bcd65995

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 18 Jul 2024 19:42:26 GMT
server
cloudflare
etag
W/"66997022-11e1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c8395900aada-YYZ
alt-svc
h3=":443"; ma=86400
front.min.css
stateways.com/wp-content/plugins/cookie-notice/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://stateways.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.17
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 17 Jun 2024 20:36:59 GMT
server
cloudflare
etag
W/"66709e6b-13c8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83958faaada-YYZ
alt-svc
h3=":443"; ma=86400
wpp.css
stateways.com/wp-content/plugins/wordpress-popular-posts/assets/css/
2 KB
624 B
Stylesheet
General
Full URL
https://stateways.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=7.0.1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 18 Jul 2024 19:42:26 GMT
server
cloudflare
etag
W/"66997022-688"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83958fbaada-YYZ
alt-svc
h3=":443"; ma=86400
style.css
stateways.com/wp-content/themes/Newspaper/
155 KB
27 KB
Stylesheet
General
Full URL
https://stateways.com/wp-content/themes/Newspaper/style.css?ver=6.6.1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dee6911447fc57b03d029275e9acd56d42b96832bc5a5b9545bbec6b35e7aaf

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:14:42 GMT
server
cloudflare
etag
W/"665f4b82-26b46"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83958fcaada-YYZ
alt-svc
h3=":443"; ma=86400
style.css
stateways.com/wp-content/plugins/td-composer/td-multi-purpose/
38 KB
5 KB
Stylesheet
General
Full URL
https://stateways.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=72f925014dc5642945728092f057897e
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c98a428ca69d9af95841f03e1a85311fe5a56f34babd91004d48b9cca7ddde

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:35 GMT
server
cloudflare
etag
W/"665f4bb7-9828"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83958feaada-YYZ
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
22 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700&display=swap&ver=12.6.6
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b489b52865ad9042ebb0bc8e4ddf18feb3f2d733c1db4d0ad87842a52dea8f8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jul 2024 16:34:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jul 2024 16:38:58 GMT
style.css
stateways.com/wp-content/themes/newspaper-child/
2 KB
931 B
Stylesheet
General
Full URL
https://stateways.com/wp-content/themes/newspaper-child/style.css?ver=1.0.0
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6019a08592a1549adf435b097ecef7b167b828f89f829c83e6e037ab38a1cde9

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 10 Sep 2020 19:58:42 GMT
server
cloudflare
etag
W/"5f5a8572-791"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c8395901aada-YYZ
alt-svc
h3=":443"; ma=86400
td_legacy_main.css
stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/
169 KB
26 KB
Stylesheet
General
Full URL
https://stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=72f925014dc5642945728092f057897e
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af664f64b475678e0d181c23dd6eca9ee45afd956d129a66c9e30910f2a985cf

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:35 GMT
server
cloudflare
etag
W/"665f4bb7-2a52f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c8395905aada-YYZ
alt-svc
h3=":443"; ma=86400
td_standard_pack_main.css
stateways.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/
718 KB
64 KB
Stylesheet
General
Full URL
https://stateways.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=8f2d47acef43f76b1dfa75a39c0fe3df
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ae3217a2320983ff3aa0cd0665dc5c32d8ed32400dd17dc5e7b82c8422333b

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:43 GMT
server
cloudflare
etag
W/"665f4bbf-b37f0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c8395906aada-YYZ
alt-svc
h3=":443"; ma=86400
tdb_main.css
stateways.com/wp-content/plugins/td-cloud-library/assets/css/
47 KB
8 KB
Stylesheet
General
Full URL
https://stateways.com/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=b379c96c54343541fd8742379a419361
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82932a8e8382473453096e4dfdd0223611789dafd09182838a79f8e34403b420

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:39 GMT
server
cloudflare
etag
W/"665f4bbb-bc23"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c8395908aada-YYZ
alt-svc
h3=":443"; ma=86400
front.min.js
stateways.com/wp-content/plugins/cookie-notice/js/
8 KB
2 KB
Script
General
Full URL
https://stateways.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.17
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 17 Jun 2024 20:36:59 GMT
server
cloudflare
etag
W/"66709e6b-21fc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c8395909aada-YYZ
alt-svc
h3=":443"; ma=86400
jquery.min.js
stateways.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://stateways.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jul 2024 11:46:52 GMT
server
cloudflare
etag
W/"66a23b2c-15601"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c8397926aada-YYZ
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
stateways.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://stateways.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jul 2024 11:46:52 GMT
server
cloudflare
etag
W/"66a23b2c-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c8397928aada-YYZ
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
198 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-49360022-10
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
332cc1656a1f3cb69667b27eb3cb60f25a201dc14c80d81e5cb3f4827bf277cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73186
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jul 2024 16:38:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
159 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5246894506201742
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
66a2046e4e90d115d640f13193de7df0136f6d8e36993b6537af1955ff8a180d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Origin
https://stateways.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53475
x-xss-protection
0
server
cafe
etag
12248923770397283991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 30 Jul 2024 16:38:59 GMT
olytics.css
olytics.omeda.com/olytics/css/v3/p/
28 KB
3 KB
Stylesheet
General
Full URL
https://olytics.omeda.com/olytics/css/v3/p/olytics.css
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:d200:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:15:20 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 f9c59ce0e830fcb72cbcdb26622739f0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4
age
8617
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 08 Jul 2024 11:02:42 GMT
server
Apache
etag
W/"28820-1720436562000"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-id
gI-WImD8bgSxmHyy3h8aCbfW6n0-K0-htl_QhFCVgEWTEHgiPizqtQ==
expires
Mon, 29 Jul 2024 14:15:09 GMT
StateWays.png
stateways.com/wp-content/uploads/2019/03/
7 KB
7 KB
Image
General
Full URL
https://stateways.com/wp-content/uploads/2019/03/StateWays.png
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
38c849b9211b719399d7d5cd01c940e9be99664ba7c4ee4a53abaf0b4ba644ac

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Mar 2019 19:10:42 GMT
server
cloudflare
etag
"5c9bcab2-1a4b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab6c8397929aada-YYZ
alt-svc
h3=":443"; ma=86400
content-length
6731
tagdiv_theme.min.js
stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/
156 KB
40 KB
Script
General
Full URL
https://stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.6.6
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
010f69dae1a693c14cce28a8b9ef4b5e81b46906f47830154ac07364104ca855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:35 GMT
server
cloudflare
etag
W/"665f4bb7-27170"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c839792baada-YYZ
alt-svc
h3=":443"; ma=86400
tdPostImages.js
stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/
2 KB
856 B
Script
General
Full URL
https://stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdPostImages.js?ver=12.6.6
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a137d5382f19aaea55e95b55e39a7829de05832714fc275d8a10312a3539d6

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:35 GMT
server
cloudflare
etag
W/"665f4bb7-991"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83a5d1bac69-YYZ
alt-svc
h3=":443"; ma=86400
tdSocialSharing.js
stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/
3 KB
1 KB
Script
General
Full URL
https://stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSocialSharing.js?ver=12.6.6
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e81fcac714f76272bbeb4872fed3a4b84410ed89fe0243acf406986a7611b27

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:35 GMT
server
cloudflare
etag
W/"665f4bb7-a48"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83a8d5aac69-YYZ
alt-svc
h3=":443"; ma=86400
tdModalPostImages.js
stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/
9 KB
2 KB
Script
General
Full URL
https://stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdModalPostImages.js?ver=12.6.6
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5724159a8f6ac6e42d3a8b66fdc874b0a197c53368a09579cd67fdd5fcc094

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:35 GMT
server
cloudflare
etag
W/"665f4bb7-22bc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83aad71ac69-YYZ
alt-svc
h3=":443"; ma=86400
comment-reply.min.js
stateways.com/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://stateways.com/wp-includes/js/comment-reply.min.js?ver=6.6.1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jul 2024 11:46:51 GMT
server
cloudflare
etag
W/"66a23b2b-ba5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83aad82ac69-YYZ
alt-svc
h3=":443"; ma=86400
new-tab.js
stateways.com/wp-content/plugins/page-links-to/dist/
34 KB
13 KB
Script
General
Full URL
https://stateways.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 29 Mar 2024 20:50:35 GMT
server
cloudflare
etag
W/"6607299b-8687"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83aad75ac69-YYZ
alt-svc
h3=":443"; ma=86400
js_files_for_front.min.js
stateways.com/wp-content/plugins/td-cloud-library/assets/js/
29 KB
6 KB
Script
General
Full URL
https://stateways.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=b379c96c54343541fd8742379a419361
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
119976944646a79019ce03beff913584eb2f12e344b1e549c58a0da61fb1e6c7

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:39 GMT
server
cloudflare
etag
W/"665f4bbb-73a8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83aad7bac69-YYZ
alt-svc
h3=":443"; ma=86400
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
375
etag
W/"09282956186c8515ef0d208902803581"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8ab6c83ad92539e4-YYZ
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 02 Aug 2024 16:38:59 GMT
tdToTop.js
stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/
1 KB
782 B
Script
General
Full URL
https://stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdToTop.js?ver=12.6.6
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89e04007c3b2f1de030c03b393af88674a08cde2a9ec6b2a045d41089569865

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:35 GMT
server
cloudflare
etag
W/"665f4bb7-592"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83aad7cac69-YYZ
alt-svc
h3=":443"; ma=86400
tdAjaxSearch.js
stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/
6 KB
2 KB
Script
General
Full URL
https://stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.6
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced232c8b6b165ef0cb92272d25f07dc37d0a37b54932735a0bc3e5113132d85

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:35 GMT
server
cloudflare
etag
W/"665f4bb7-1801"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83aad7dac69-YYZ
alt-svc
h3=":443"; ma=86400
tdLogin.js
stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/
13 KB
3 KB
Script
General
Full URL
https://stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdLogin.js?ver=12.6.6
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
336a25d31d729ad4223f664f1c0e4f82778979cb5ca97edd303d40241d6b272c

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:35 GMT
server
cloudflare
etag
W/"665f4bb7-353e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83aad7fac69-YYZ
alt-svc
h3=":443"; ma=86400
tdMenu.js
stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/
4 KB
1 KB
Script
General
Full URL
https://stateways.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdMenu.js?ver=12.6.6
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d97c7a354ee5666e22c59498be5331a0edee5d6f7527a58a5744f323173bc8d

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:15:35 GMT
server
cloudflare
etag
W/"665f4bb7-11b2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83aad81ac69-YYZ
alt-svc
h3=":443"; ma=86400
dd8481f0-988c-41d8-88f4-c6653bd39ea5
https://stateways.com/
1 KB
0
Other
General
Full URL
blob:https://stateways.com/dd8481f0-988c-41d8-88f4-c6653bd39ea5
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
hb_751249_18434.js
player.mediafuse.com/prebidlink/681986848507/
2 KB
1020 B
Script
General
Full URL
https://player.mediafuse.com/prebidlink/681986848507/hb_751249_18434.js
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
355a0b321aaaa11c85e367560d028c01d3f7a51241f52d7975e3c48cf78c27eb

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 21:17:32 GMT
server
nginx
etag
W/"66a16f6c-606"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Thu, 01 Aug 2024 16:38:59 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
98 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
009c4930548a80395a31fac3d77d1daf87fb4d1db6d6314c9d5a99bab5440a56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31581
x-xss-protection
0
server
cafe
etag
478 / 19934 / 31085717 / config-hash: 2120298064959822331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:38:59 GMT
wrapper_hb_751249_18434.js
player.mediafuse.com/prebidlink/681986848507/
2 KB
1 KB
Script
General
Full URL
https://player.mediafuse.com/prebidlink/681986848507/wrapper_hb_751249_18434.js
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
dd29016f1b8ec8bbc13e15fc166baf9d0df59efb1022f14fc51397de41a210bc

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 21:17:32 GMT
server
nginx
etag
W/"66a16f6c-9fd"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Thu, 01 Aug 2024 16:38:59 GMT
olytics.min.js
olytics.omeda.com/olytics/js/v3/p/
252 KB
66 KB
Script
General
Full URL
https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:250b:d200:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ca23b8f96998a9a29aaaa26bdf77c57a6a24cc5aab6a6955e44f7d677fd7669f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 12:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 f9c59ce0e830fcb72cbcdb26622739f0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4
age
16128
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 08 Jul 2024 11:02:42 GMT
server
Apache
etag
W/"258460-1720436562000"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-id
FLf6ScSg-X0j6EOYn8XJDGsRqiL2XE5MGeXwQDVbWrPaFvgBoL6Q0w==
expires
Mon, 29 Jul 2024 12:10:10 GMT
tag.aspx
ml314.com/
38 KB
13 KB
Script
General
Full URL
https://ml314.com/tag.aspx?3062024
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:19:49 GMT
via
1.1 google
content-encoding
br
age
1150
x-guploader-uploadid
AHxI1nMcnbRp4YiihmMWpY0ukRYyYhCINsKA_aHBiYU2VsHIwhPAyqfAG2Q4V8n7zvN_98xlFvo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12522
last-modified
Wed, 24 Jul 2024 19:30:50 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1721849450340665
x-goog-hash
crc32c=6sDw2Q==, md5=YyYW/xWCXwMKqzORpY7wQg==
content-type
application/javascript
cache-id
YUL
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
39162
accept-ranges
bytes
connatix.player.js
cd.connatix.com/ Frame A0E1
2 KB
1 KB
Script
General
Full URL
https://cd.connatix.com/connatix.player.js?cid=1ce017e4-3e88-40e9-be14-87b8fc33467a?pid=ab0ea6d5-1668-44a2-8b94-40296964a7ce
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4969ca83182ce6221279b6aa8a5aad268bf61247c8ca404dc9e2b72801ef6853

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8ab6c83b2b30ac76-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
truncated
/
117 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
vfRg2L1ej33bleY00JdN9pxuSvOX2mNI-nTw9UpUoPg
packedbrick.com/
244 B
548 B
Script
General
Full URL
https://packedbrick.com/vfRg2L1ej33bleY00JdN9pxuSvOX2mNI-nTw9UpUoPg
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.249.145.207 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
dx5eyv8p7nks6etx.com
Software
nginx /
Resource Hash
789d560be25de17f684efd46f81cefe7189085104952e64132187fc3bfdd6187

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 16:38:59 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
244
Expires
Tue, 30 Jul 2024 16:38:59 GMT
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
placeholder-white.jpg
stateways.com/wp-content/uploads/2023/02/
2 KB
2 KB
Image
General
Full URL
https://stateways.com/wp-content/uploads/2023/02/placeholder-white.jpg
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff223a10d140f5151e83c047e58552373ff47585557512796add50d633ae398d

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Feb 2023 17:40:29 GMT
server
cloudflare
etag
"63e5300d-730"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab6c83aedc3ac69-YYZ
alt-svc
h3=":443"; ma=86400
content-length
1840
newspaper.woff
stateways.com/wp-content/themes/Newspaper/images/icons/
33 KB
33 KB
Font
General
Full URL
https://stateways.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?23
Requested by
Host: stateways.com
URL: https://stateways.com/wp-content/themes/Newspaper/style.css?ver=6.6.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23

Request headers

Referer
https://stateways.com/wp-content/themes/Newspaper/style.css?ver=6.6.1
Origin
https://stateways.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 17:14:42 GMT
server
cloudflare
etag
"665f4b82-8470"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab6c83b3e19ac69-YYZ
alt-svc
h3=":443"; ma=86400
content-length
33904
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700&display=swap&ver=12.6.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://stateways.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 18:56:43 GMT
x-content-type-options
nosniff
age
510136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 18:56:43 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700&display=swap&ver=12.6.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://stateways.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:55:37 GMT
x-content-type-options
nosniff
age
495802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:55:37 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700&display=swap&ver=12.6.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://stateways.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:30:28 GMT
x-content-type-options
nosniff
age
497311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:30:28 GMT
SW24Summer-cover.jpg
stateways.com/wp-content/uploads/2024/04/
53 KB
54 KB
Image
General
Full URL
https://stateways.com/wp-content/uploads/2024/04/SW24Summer-cover.jpg
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e0e31c5107194c1453b58e4385789c70dc098eb64e2c693d84501805e2e423

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 16:53:29 GMT
server
cloudflare
etag
"662a8a89-d58e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab6c83b3e1fac69-YYZ
alt-svc
h3=":443"; ma=86400
content-length
54670
utsync.ashx
ml314.com/
684 B
1 KB
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=64719&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fstateways.com%2F&pv=1722357539077_sk3trf643&bl=en-ca&cb=5838442&return=&ht=&d=&dc=&si=1722357539077_sk3trf643&cid=&s=1600x1200&rp=&v=2.7.4.212
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?3062024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
7db009532ba4cc3f4f7235f3c796f7ea21977b7c9a44fae919a3e5f8d0ce529a

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
server
Google Frontend
content-type
application/javascript
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
ud.ashx
in.ml314.com/
20 B
482 B
Script
General
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=3062024&v=2.7.4.212
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?3062024
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.127.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-127-96.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 16:38:58 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Wed, 31 Jul 2024 16:38:59 GMT
olytics
oqs.omeda.com/oqs/rest/ Frame
0
0
Preflight
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://stateways.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Tue, 30 Jul 2024 16:38:58 GMT
Keep-Alive
timeout=5
Server
Apache
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53487
x-xss-protection
0
server
cafe
etag
18172912325468967082
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 30 Jul 2024 16:38:59 GMT
olytics
oqs.omeda.com/oqs/rest/
15 B
359 B
XHR
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 30 Jul 2024 16:38:58 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
15
X-XSS-Protection
1; mode=block
elLoader.js
cds.connatix.com/p/515218/ Frame A0E1
3 KB
2 KB
Script
General
Full URL
https://cds.connatix.com/p/515218/elLoader.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ce017e4-3e88-40e9-be14-87b8fc33467a?pid=ab0ea6d5-1668-44a2-8b94-40296964a7ce
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4f5f33e523a7c0dcc092a2f06a6cdafb774eddbd7f9c4ea0255c4f713e853b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
x-amz-version-id
bh_eqQx1.rXP5arw3qC.37KPevoK0mjK
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
1212
last-modified
Tue, 30 Jul 2024 10:36:03 GMT
server
cloudflare
etag
"3033aa8a4f2d692eb49db48d84b79b53"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8ab6c83bebd9ac76-YYZ
access-control-allow-headers
range
expires
Wed, 30 Jul 2025 16:38:59 GMT
hbp_master_751249_18434.js
player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/
508 KB
162 KB
Script
General
Full URL
https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/681986848507/hb_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
5f597ef8259257660c0aa221e84f24851c7f2d1d74b5ae1e05f84952e1996572

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
gzip
last-modified
Fri, 05 Jul 2024 17:03:05 GMT
server
nginx
etag
W/"66882749-7f083"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Thu, 01 Aug 2024 16:38:59 GMT
hbw_master_751249_18434.js
player.hbmp.mediafuse.com/prebidlink/1sAvg/
205 KB
49 KB
Script
General
Full URL
https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/681986848507/wrapper_hb_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
3b789661c617022a70ee1c1216439498851ce40aeb33dce57048dccdc0485ee8

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 21:17:32 GMT
server
nginx
etag
W/"66a16f6c-333d7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Thu, 01 Aug 2024 16:38:59 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3565
etag
W/"7e91359b46e1da637080a03b759164fa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8ab6c83bc9e939e4-YYZ
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 02 Aug 2024 16:38:59 GMT
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3645941671896023053&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3645941671896023053&redir=
42 B
717 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3645941671896023053&redir=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
107.21.166.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-166-190.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v062-0a550ab5c.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Tue, 30 Jul 2024 16:38:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
8vnhMQyrQAk=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v062-07a208020.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Tue, 30 Jul 2024 16:38:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
YeYITqgDQLE=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3645941671896023053&redir=
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
csync.ashx
ml314.com/
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3645941671896023053
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0NTk0MTY3MTg5NjAyMzA1MxAAGg0Io66ktQYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=c60a2ff37e02529c8c92ca8fbdf0b815a8601171b25a3f2a51d703f41e9eef6df4cb09cee1a4f8eb&person_id=3645941671896023053&eid=50082
43 B
56 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=c60a2ff37e02529c8c92ca8fbdf0b815a8601171b25a3f2a51d703f41e9eef6df4cb09cee1a4f8eb&person_id=3645941671896023053&eid=50082
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jul 2024 16:38:59 GMT

Redirect headers

date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=c60a2ff37e02529c8c92ca8fbdf0b815a8601171b25a3f2a51d703f41e9eef6df4cb09cee1a4f8eb&person_id=3645941671896023053&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csync.ashx
ml314.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&gdpr=0&gdpr_consent=
  • https://ml314.com/csync.ashx?fp=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&person_id=3645941671896023053&eid=53819
43 B
56 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&person_id=3645941671896023053&eid=53819
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jul 2024 16:38:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
server
Google Frontend
content-type
image/gif
location
https://ml314.com/csync.ashx?fp=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&person_id=3645941671896023053&eid=53819
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
x-cloud-trace-context
667ef3701d561d22f2a83262d65219d8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Wed, 31 Jul 2024 16:38:59 GMT
csync.ashx
ml314.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3645941671896023053
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3645941671896023053
  • https://ml314.com/csync.ashx?fp=896960a3c1f35759aa78b9cbc9376462&eid=50146&person_id=3645941671896023053
43 B
56 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=896960a3c1f35759aa78b9cbc9376462&eid=50146&person_id=3645941671896023053
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jul 2024 16:38:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:38:59 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=896960a3c1f35759aa78b9cbc9376462&eid=50146&person_id=3645941671896023053
cache-control
no-cache
x-server
10.40.62.162
content-length
0
expires
0
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=26dfRwn3QK40-p-zGrRbnG7EqyH3r57TXHP_zBQ0cnWM&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
  • https://ml314.com/csync.ashx?fp=26dfRwn3QK40-p-zGrRbnG7EqyH3r57TXHP_zBQ0cnWM&person_id=3645941671896023053&eid=50052&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referre...
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 30 Jul 2024 16:38:59 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
server
Google Frontend
content-type
image/gif
location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
x-cloud-trace-context
1b5db4b8fd92784db40ae89d40f2b44f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Wed, 31 Jul 2024 16:38:59 GMT
wp-emoji-release.min.js
stateways.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://stateways.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jul 2024 11:46:52 GMT
server
cloudflare
etag
W/"66a23b2c-4926"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ab6c83bcea9ac69-YYZ
alt-svc
h3=":443"; ma=86400
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/
474 KB
148 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
c5e1629c5fdb7d18753448f9095701331d3ece89f2e44513c517efaefd24610b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 23:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
62969
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151374
x-xss-protection
0
server
cafe
etag
16932859754834633169
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 29 Jul 2025 23:09:30 GMT
js
www.googletagmanager.com/gtag/
289 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-56GZQQQPLE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49360022-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a98651c532a79df9855e2d54d346b70b8a7ba33192069e1a716cdb782e964e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99976
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jul 2024 16:38:59 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49360022-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 Jul 2024 16:22:32 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
987
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 30 Jul 2024 18:22:32 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/
424 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5246894506201742
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
0e4c682db72fc7ea8d8f45e09d1b7d8166e91b98672108a846a7feef576f85f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146607
x-xss-protection
0
server
cafe
etag
8496954111525990461
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:38:59 GMT
connatix.player.js
cds.connatix.com/p/515218/ Frame A0E1
502 KB
118 KB
Script
General
Full URL
https://cds.connatix.com/p/515218/connatix.player.js?cid=1ce017e4-3e88-40e9-be14-87b8fc33467a%3Fpid%3Dab0ea6d5-1668-44a2-8b94-40296964a7ce
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/515218/elLoader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a54289b2fea2723213d1b014e605a1f8ae3fd4ce32d7a0160e0121bcc50a350

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
x-amz-version-id
ST6IVssghjvESjEMybX.1X1Cvqnj6rn_
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
119930
last-modified
Tue, 30 Jul 2024 10:36:03 GMT
server
cloudflare
etag
"2a04a4097d75df8aa1f63767942cefb4"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8ab6c83cbca6ac76-YYZ
access-control-allow-headers
range
expires
Wed, 30 Jul 2025 16:38:59 GMT
web
onesignal.com/api/v1/sync/8d8563bc-ca4f-44f9-ad46-7ec41b6f377c/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/8d8563bc-ca4f-44f9-ad46-7ec41b6f377c/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70eefb83f2a37646b42a1648460ad62acfb1a7d4f310e31ff0bb2a34500f24ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6677bfc0-52af-4c4c-aa00-67e7ba967411
x-runtime
0.035343
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"70eefb83f2a37646b42a1648460ad62a"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8ab6c83ccb2739e4-YYZ
access-control-allow-headers
SDK-Version
expires
Tue, 30 Jul 2024 17:38:59 GMT
35190362
fundingchoicesmessages.google.com/i/
202 KB
67 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/35190362?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f69cf0fbe1eeff80b06493bf62a3002464e00a7fada104a24c0a5d38c6bcf440
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0im0jbh14LT1a15g2vvHVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-0im0jbh14LT1a15g2vvHVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw05BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HIvXLdnKJnDhRl8nk5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgbmRhZ6BeXyBAQCjfjv8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-56GZQQQPLE&gtm=45je47t0v895083230za200&_p=1722357538970&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=386196306.1722357539&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1722357539&sct=1&seg=0&dl=https%3A%2F%2Fstateways.com%2F&dt=StateWays&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1104
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-56GZQQQPLE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:38:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
244 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-56GZQQQPLE&cid=386196306.1722357539&gtm=45je47t0v895083230za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250752
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-56GZQQQPLE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:38:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
63 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-56GZQQQPLE&cid=386196306.1722357539&gtm=45je47t0v895083230za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250752&tag_exp=95250752&z=1086582577
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:38:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1477034061&t=pageview&_s=1&dl=https%3A%2F%2Fstateways.com%2F&ul=en-ca&de=UTF-8&dt=StateWays&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1410828616&gjid=1938883582&cid=386196306.1722357539&tid=UA-49360022-10&_gid=754866402.1722357539&_r=1&gtm=457e47t0za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&jsscut=1&z=1001786119
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:38:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31581
x-xss-protection
0
server
cafe
etag
478 / 19934 / 31085717 / config-hash: 2120298064959822331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:38:59 GMT
config.json
player.adtelligent.com/exchange_rates/279934/
9 KB
4 KB
Fetch
General
Full URL
https://player.adtelligent.com/exchange_rates/279934/config.json?cb=https%3A%2F%2Fstateways.com%2F
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
3b179d2dd62da53b781f3dd37085436f25a63bb82fd6905778762443fb662993

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

x-proxy-cache
HIT
date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
gzip
last-modified
Tue, 30 Jul 2024 12:01:41 GMT
server
nginx
etag
W/"66a8d625-2211"
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
max-age=86400
expires
Wed, 31 Jul 2024 16:38:59 GMT
/
sghb.hbmp.mediafuse.com/geo/
172 B
479 B
XHR
General
Full URL
https://sghb.hbmp.mediafuse.com/geo/
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Mediafuse /
Resource Hash
55b9a7dd08cc3bde8e3b7d7b7e75fdf427c65000dfaafc0a359e6b439ec4c9ff

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 16:38:59 GMT
Server
Mediafuse
Content-Type
application/json
Access-Control-Allow-Origin
https://stateways.com
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
172
tracking
sghb.hbmp.mediafuse.com/adunit/
43 B
471 B
XHR
General
Full URL
https://sghb.hbmp.mediafuse.com/adunit/tracking?event=11&type=0&client_id=751249&site_id=18434&pbjsv=v8.52.0&full_page_url=https%3A%2F%2Fstateways.com%2F&adid=8n7iyc.o7&features=81952&vpbv=m250&tte=615&lifecycle_tte=1239
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Mediafuse /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 16:38:59 GMT
Server
Mediafuse
Content-Type
image/gif
Access-Control-Allow-Origin
https://stateways.com
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
D6+nK3SNxEJrjZ0ZOJeLCX2NnQlr2MhMesDDWmrNw0Rly4VW
scada.paradizeconstruction.com/
0
0

OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3551
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8ab6c83e9d0f39e4-YYZ
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 16:38:59 GMT
AGSKWxUMgtzjozbxFZWXIJMsDyrwrd5aqYkEWCNSuSku10Tw7VKJX5zdta48iydTzO2zcV7UPtmQQ74XUf2rq3VAalxvey_MkXdP1xnHnxLoeq5EwZBl8-QwywMTScnxllRsxyZc3hs48g==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUMgtzjozbxFZWXIJMsDyrwrd5aqYkEWCNSuSku10Tw7VKJX5zdta48iydTzO2zcV7UPtmQQ74XUf2rq3VAalxvey_MkXdP1xnHnxLoeq5EwZBl8-QwywMTScnxllRsxyZc3hs48g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyMzU3NTM5LDcxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zdGF0ZXdheXMuY29tLyIsbnVsbCxbWzgsIm9sUHhHMHVxQXZ3Il0sWzksImVuLVVTIl0sWzIyLCJ0cnVlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDE4OV0sbnVsbCw2XSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/am=Phg/d=1/rs=AJlcJMxJ6SqPXVz_qNg_tblT8qFSGgu05w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33c7af32c4a685abe5294ea570410cbd8705fb7ce333118303bca99dd362d064
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-j9O1afZbVZuOUYsxKPrShg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-j9O1afZbVZuOUYsxKPrShg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBiD62LrAFAvCTiIuuBxIusBx9fZD0JxIYKl1jtgViIh2PxuiVb2QRerPz9jElJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDcyELPwDy-wAAAigU_UA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame AB13
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28869
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 16:00:24 GMT
expires
Tue, 30 Jul 2024 16:50:24 GMT
last-modified
Mon, 29 Jul 2024 19:44:55 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
756 B
359 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2955668029726201&correlator=2321185826807452&eid=31079957%2C31083344%2C31085621%2C31085717%2C31084125%2C31084181%2C44777897%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=35190362%2CSWY_Out-of-page&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1722357539728&lmt=1722357539&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstateways.com%2F&vis=1&psz=1600x2723&msz=1600x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722357538752&idt=596&adks=2599344006&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
a5a7bdded62a7346252b44830666659b38475a9f871f2b81d77f9ffe7bb94e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://stateways.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
69 KB
15 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2955668029726201&correlator=896956841707073&eid=31079957%2C31083344%2C31085621%2C31085717%2C31084125%2C31084181%2C44777897%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=35190362%2CSWY_1080%2CSTW_1x1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1080x200%2C1x1&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1722357539740&lmt=1722357539&adxs=-9%2C-12245933&adys=-9%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstateways.com%2F&vis=1&psz=0x-1%7C1600x2723&msz=0x-1%7C0x0&fws=2%2C128&ohw=0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722357538752&idt=596&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&adks=3064810595%2C105582122&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
c6b2ab567a7a3b5d645f743a0ae12dc3b2433d1d32495cd80505a2e2f667e381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15557
x-xss-protection
0
google-lineitem-id
-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://stateways.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
edcf82e9dbcf1afc5a902539b7f89375.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D9A7
0
0
Document
General
Full URL
https://edcf82e9dbcf1afc5a902539b7f89375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 16:38:59 GMT
expires
Tue, 30 Jul 2024 16:38:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240725/r20110914/ Frame 455A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240725/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
59922
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 00:00:17 GMT
etag
2738592464165616
expires
Tue, 13 Aug 2024 00:00:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2B98
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-5246894506201742&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1722357539&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fstateways.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=27_9~30_19&aiixl=27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722357539279&bpp=5&bdt=527&idt=498&shv=r20240725&mjsv=m202407250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=312571362918&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31085665%2C44795921%2C95331688%2C95334526%2C95334828%2C95337868%2C31084185%2C95339224%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2955668029726201&tmod=2097165186&uas=0&nvt=1&fsapi=1&fc=1920&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=525
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 16:38:59 GMT
expires
Tue, 30 Jul 2024 16:38:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
icon
onesignal.com/api/v1/apps/8d8563bc-ca4f-44f9-ad46-7ec41b6f377c/
184 B
755 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/8d8563bc-ca4f-44f9-ad46-7ec41b6f377c/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbcc41762592c5998d66c59de2186feb90f36023d3fbf7314615b5048ba367d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
b6395eec-00d7-4c45-a7e7-fd29d4950510
x-runtime
0.012811
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3fbcc41762592c5998d66c59de2186fe"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
8ab6c8402b9f36a0-YYZ
access-control-allow-headers
SDK-Version
hadronid
id.hadron.ad.gt/api/v1/
54 KB
55 KB
Script
General
Full URL
https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=170&_it=prebid
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027a2a1dc9044e78b8382a7522536ac3ac5a5401b148d7826e0f8eda3001cf2d

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
Content-Type; text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization,content-type
content-length
55794
cf-ray
8ab6c8416cad36d2-YYZ
csyncs
sghb.hbmp.mediafuse.com/
3 KB
1 KB
XHR
General
Full URL
https://sghb.hbmp.mediafuse.com/csyncs?aid1=852559&gdpr=0&gdpr_consent=undefined
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Mediafuse /
Resource Hash
950eb1a580c233feef17d88ad4dd150a552529a86846234084bda9bf7f619fc6

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 16:38:59 GMT
Content-Encoding
gzip
Server
Mediafuse
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://stateways.com
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
946
170
a.ad.gt/api/v1/u/matches/
13 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/170
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4246773bd719653641f07789266b297678528be6670642823f0e9178bc3b3713

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2024 16:32:35 GMT
server
cloudflare
age
118
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8ab6c8416f82ac93-YYZ
cookie
cm.adform.net/ Frame 9B42
0
0
Document
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D764710%26a%3D743293%26extuid%3D%24UID
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-type
image/gif
date
Tue, 30 Jul 2024 16:39:00 GMT
server
nginx
csync
sync.hbmp.mediafuse.com/ Frame 8900
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent=undefined&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D14...
  • https://sync.hbmp.mediafuse.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=764727&a=754412&extuid=3653591411978364000V10
0
0
Document
General
Full URL
https://sync.hbmp.mediafuse.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=764727&a=754412&extuid=3653591411978364000V10
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Mediafuse /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:00 GMT
Etag
4956c3ff1cbc4136
Server
Mediafuse

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 30 Jul 2024 16:39:01 GMT
expires
Tue, 30 Jul 2024 16:39:01 GMT
location
https://sync.hbmp.mediafuse.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=764727&a=754412&extuid=3653591411978364000V10
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
sync.html
s.console.adtarget.com.tr/ Frame 6E5D
0
0
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=748067
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:927::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtarget /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://stateways.com
Connection
Keep-Alive
Date
Tue, 30 Jul 2024 16:38:59 GMT
Permissions-Policy
browsing-topics=()
Server
Adtarget
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame B875
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
hde.tynt.com/deb/ Frame 76BB
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559...
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D85255...
0
0
Document
General
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26extuid%3D33XUSERID33X&b=1
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1830
content-type
text/html
date
Tue, 30 Jul 2024 16:38:59 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Tue, 30 Jul 2024 16:38:59 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26extuid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B65D
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26extuid%3D
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.45.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-45-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=100908
content-encoding
gzip
content-length
5492
content-type
text/html
date
Tue, 30 Jul 2024 16:39:00 GMT
expires
Wed, 31 Jul 2024 20:40:48 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1722357543482
  • https://ad.turn.com/r/cs?pid=45&rndcb=3885502876
  • https://sync.1rx.io/usersync/turn/8027953497467205434?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-3614bb3f-8da6-4ddc-9929-e5ff06f0aa70-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-3614bb3f-8da6-4ddc-9929...
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-3614bb3f-8da6-4ddc-9929-e5ff06f0aa70-005
43 B
480 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-3614bb3f-8da6-4ddc-9929-e5ff06f0aa70-005
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 16:39:00 GMT
Server
Adtelligent
Etag
49e4a19f7bc91bdc
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-3614bb3f-8da6-4ddc-9929-e5ff06f0aa70-005
date
Tue, 30 Jul 2024 16:39:00 GMT
content-type
text/html
etag
RX3614bb3f8da64ddc9929e5ff06f0aa70005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
match
a4p.adpartner.pro/ssp/
0
0

csync
sync.hbmp.mediafuse.com/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D13%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D675886%26a...
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D13%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D675886%26a...
  • https://sync.hbmp.mediafuse.com/csync?t=g&ep=13&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=675886&a=310570&extuid=JFBnALZHRlM3M8mzQvOkr1VW
43 B
461 B
Image
General
Full URL
https://sync.hbmp.mediafuse.com/csync?t=g&ep=13&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=675886&a=310570&extuid=JFBnALZHRlM3M8mzQvOkr1VW
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Mediafuse /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 16:38:59 GMT
Server
Mediafuse
Etag
4956c3ff1cbc4136
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Tue, 30 Jul 2024 16:39:00 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT
location
https://sync.hbmp.mediafuse.com/csync?t=g&ep=13&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=675886&a=310570&extuid=JFBnALZHRlM3M8mzQvOkr1VW
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
csync
sync.hbmp.mediafuse.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D32%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D764726%26a%3D75...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.hbmp.mediafuse.com%252Fcsync%253Ft%253Dg%2526ep%253D32%2526traffic_source%253Dsnippet%2526session%253D41E6F54D08D7BD0D%2526sp%253D85...
  • https://sync.hbmp.mediafuse.com/csync?t=g&ep=32&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=764726&a=751004&extuid=6265193920769722573
43 B
456 B
Image
General
Full URL
https://sync.hbmp.mediafuse.com/csync?t=g&ep=32&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=764726&a=751004&extuid=6265193920769722573
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Mediafuse /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 16:38:59 GMT
Server
Mediafuse
Etag
4956c3ff1cbc4136
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
an-x-request-uuid
dc8f0f2e-8e24-4b2c-a671-38cad933581f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.hbmp.mediafuse.com/csync?t=g&ep=32&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=764726&a=751004&extuid=6265193920769722573
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
cm.adform.net/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D737%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D764723...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F13253%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50041293-bec2-457f-8935-69542820b2b3%26bidder%...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F13253%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D%2526gpp_sid%253D%2526us_privacy%253D%2526A%25...
  • https://prebid.a-mo.net/cchain/0/13253?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=50041293-bec2-457f-8935-69542820b2b3&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLmhibXAubWVkaWFmdXNlLmNvbS9jc3luYz90P...
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F13253%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50041293...
35 B
483 B
Image
General
Full URL
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F13253%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50041293-bec2-457f-8935-69542820b2b3%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zeW5jLmhibXAubWVkaWFmdXNlLmNvbS9jc3luYz90PWcmZXA9NzM3JnRyYWZmaWNfc291cmNlPXNuaXBwZXQmc2Vzc2lvbj00MUU2RjU0RDA4RDdCRDBEJnNwPTg1MjU1OSZwYj03NTMyNjQmYz03NjQ3MjMmYT0zMTA1MzEmZXh0dWlkPQ%253D%253D%26uid%3D%24UID
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

location
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F13253%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D50041293-bec2-457f-8935-69542820b2b3%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zeW5jLmhibXAubWVkaWFmdXNlLmNvbS9jc3luYz90PWcmZXA9NzM3JnRyYWZmaWNfc291cmNlPXNuaXBwZXQmc2Vzc2lvbj00MUU2RjU0RDA4RDdCRDBEJnNwPTg1MjU1OSZwYj03NTMyNjQmYz03NjQ3MjMmYT0zMTA1MzEmZXh0dWlkPQ%253D%253D%26uid%3D%24UID
date
Tue, 30 Jul 2024 16:38:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
vary
accept-encoding
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
35 B
349 B
Image
General
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=4956c3ff1cbc4136
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="NON DSP COR CURa TIA"
Date
Tue, 30 Jul 2024 16:39:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
sync
vid.vidoomy.com/
0
0

csync
sync.hbmp.mediafuse.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D32%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D765041%26a%3D29...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.hbmp.mediafuse.com%252Fcsync%253Ft%253Dg%2526ep%253D32%2526traffic_source%253Dsnippet%2526session%253D41E6F54D08D7BD0D%2526sp%253D85...
  • https://sync.hbmp.mediafuse.com/csync?t=g&ep=32&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=765041&a=297253&extuid=7473332277637949819
43 B
456 B
Image
General
Full URL
https://sync.hbmp.mediafuse.com/csync?t=g&ep=32&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=765041&a=297253&extuid=7473332277637949819
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Mediafuse /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 16:38:59 GMT
Server
Mediafuse
Etag
4956c3ff1cbc4136
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
an-x-request-uuid
4c658426-a33e-469a-b589-f9b1c458ff6f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.hbmp.mediafuse.com/csync?t=g&ep=32&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=765041&a=297253&extuid=7473332277637949819
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.hbmp.mediafuse.com/
Redirect Chain
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D358%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%...
  • https://sync.hbmp.mediafuse.com/csync?t=g&ep=358&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=765043&a=753378&extuid=3a994da8-1171-4683-928a-3bdfca61ef5c
43 B
474 B
Image
General
Full URL
https://sync.hbmp.mediafuse.com/csync?t=g&ep=358&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=765043&a=753378&extuid=3a994da8-1171-4683-928a-3bdfca61ef5c
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Mediafuse /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 16:38:59 GMT
Server
Mediafuse
Etag
4956c3ff1cbc4136
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 30 Jul 2024 16:39:42 GMT
Location
https://sync.hbmp.mediafuse.com/csync?t=g&ep=358&traffic_source=snippet&session=41E6F54D08D7BD0D&sp=852559&pb=753264&c=765043&a=753378&extuid=3a994da8-1171-4683-928a-3bdfca61ef5c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
Expires
0
ba496353-127c-4594-9be0-7ee6d48710a6
img.onesignal.com/permanent/
10 KB
11 KB
Image
General
Full URL
https://img.onesignal.com/permanent/ba496353-127c-4594-9be0-7ee6d48710a6
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e3f80e70dd682f918168bd67111a66067f25d59058f0e452707df6fae29d65d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Tue, 30 Jul 2024 16:39:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
x-guploader-uploadid
AHxI1nPU3Jhcb6wRpswRaGgNu0Z8AKxjNT4RxyrDJ7HgO9MgzLlCwe4bRJ7Jyfwu4MDTR689HW8
x-goog-meta-x-goog-source-etag
"00a229e84c3e367f105e6b8c776becab"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
10588
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:54:42 GMT
server
cloudflare
etag
"-COfCy+OOlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676346882449767
content-type
application/octet-stream
x-goog-hash
crc32c=eCdo/Q==, md5=AKIp6Ew+Nn8QXmuMd2vsqw==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
10588
accept-ranges
bytes
cf-ray
8ab6c8414f4a39e4-YYZ
expires
Fri, 30 Aug 2024 16:39:00 GMT
hadron.js
cdn.hadronid.net/
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=170&sync=1&url=https%3A%2F%2Fstateways.com%2F
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNTEWM5RE8S976C
age
78
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=432000
cf-ray
8ab6c8423855a1f8-YYZ
x-amz-id-2
1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=
expires
Sun, 04 Aug 2024 16:39:00 GMT
170
p.ad.gt/api/v1/p/
40 KB
13 KB
Script
General
Full URL
https://p.ad.gt/api/v1/p/170
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc61a6743f4691333d1e3814f8aec6b0a34bf58637d019c1d26d89cd27a973ce

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2024 16:27:47 GMT
server
cloudflare
age
194
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8ab6c84279b8ab3f-YYZ
ip_match
ids.ad.gt/api/v1/
0
0

match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722357540-JE1548LB-EP77&adnxs_id=$UID&gdpr=0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722357540-JE1548LB-EP77&adnxs_id=7473332277637949819&gdpr=0
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722357540-JE1548LB-EP77&adnxs_id=7473332277637949819&gdpr=0
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
44.230.128.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-128-104.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:01 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
an-x-request-uuid
2848ec71-b41d-4a18-9d83-a61f32fb9a86
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722357540-JE1548LB-EP77&adnxs_id=7473332277637949819&gdpr=0
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001722357540-JE1548LB-EP77&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&id=AU1D-0100-001722357540-JE1548LB-EP77
0
0

pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001722357540-JE1548LB-EP77
  • https://ids.ad.gt/api/v1/pbm_match?pbm=CDBFB85C-5355-4674-AB0B-169E3223272E&id=AU1D-0100-001722357540-JE1548LB-EP77
0
0

token
token.rubiconproject.com/
0
1 KB
Image
General
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001722357540-JE1548LB-EP77&gdpr=0
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001722357540-JE1548LB-EP77&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001722357540...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001722357540-JE1548LB-EP77&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001722...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e9f26bca-091c-447e-b953-b9c9df802871%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&ttd_puid=e9f26bca-091c-447e-b953-b9c9df802871%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001722357540-JE1548LB-EP77&tapad_id=e9f26bca-091c-447e-b953-b9c9df802871
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001722357540-JE1548LB-EP77&tapad_id=e9f26bca-091c-447e-b953-b9c9df802871
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
44.230.128.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-128-104.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

date
Tue, 30 Jul 2024 16:39:00 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001722357540-JE1548LB-EP77&tapad_id=e9f26bca-091c-447e-b953-b9c9df802871
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001722357540-JE1548LB-EP77
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001722357540-JE1548LB-EP77&google_gid=CAESEAhr9_puJzrGs5tndBgoIjI&google_cver=1&google_ula=450542624,0
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001722357540-JE1548LB-EP77&google_gid=CAESEAhr9_puJzrGs5tndBgoIjI&google_cver=1&google_ula=450542624,0
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
44.230.128.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-128-104.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001722357540-JE1548LB-EP77&google_gid=CAESEAhr9_puJzrGs5tndBgoIjI&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g_hosted
ids.ad.gt/api/v1/
0
0

getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001722357540-JE1548LB-EP77%26sas_uid%3D%5bsas_uid%5d&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001722357540-JE1548LB-EP77&sas_uid=[sas_uid]&gdpr=0&cklb=1
0
316 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001722357540-JE1548LB-EP77&sas_uid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Server
23.105.14.106 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.106.rdns.racklot.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001722357540-JE1548LB-EP77&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Tue, 30 Jul 2024 16:38:59 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
impr_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001722357540-JE1548LB-EP77%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001722357540-JE1548LB-EP77%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001722357540-JE1548LB-EP77&impr_uid=622f994f-1ae9-4ccf-9678-5ee2b099735f
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001722357540-JE1548LB-EP77&impr_uid=622f994f-1ae9-4ccf-9678-5ee2b099735f
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
44.230.128.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-128-104.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001722357540-JE1548LB-EP77&impr_uid=622f994f-1ae9-4ccf-9678-5ee2b099735f
access-control-allow-origin
*
date
Tue, 30 Jul 2024 16:39:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
content-type
text/plain
amo_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001722357540-JE1548LB-EP77
  • https://ids.ad.gt/api/v1/amo_match?turn_id=8027953497467205434&id=AU1D-0100-001722357540-JE1548LB-EP77
0
0

hadron.json
id.hadron.ad.gt/v1/
123 B
282 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=170&sync=0&domain=stateways.com&url=
Requested by
Host: id.hadron.ad.gt
URL: https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=170&_it=prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
288090a9704b05fcefad2f6a294668d40e1443b339a7d9a60b7362eed2a016ae

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization,content-type
cf-ray
8ab6c8428e0936d2-YYZ
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=170&sync=0&domain=stateways.com&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://stateways.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8ab6c8423da536d2-YYZ
content-length
0
content-type
application/json
date
Tue, 30 Jul 2024 16:39:00 GMT
debug
OPTIONS block
expires
Wed, 30 Jul 2025 16:39:00 GMT
server
cloudflare
p
cdp.omeda.com/olytics/segments/
20 B
341 B
XHR
General
Full URL
https://cdp.omeda.com/olytics/segments/p
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Tue, 30 Jul 2024 16:38:59 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
20
X-XSS-Protection
1; mode=block
p
cdp.omeda.com/olytics/segments/ Frame
0
0
Preflight
General
Full URL
https://cdp.omeda.com/olytics/segments/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://stateways.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Connection
keep-alive
Content-Length
0
Date
Tue, 30 Jul 2024 16:38:59 GMT
Keep-Alive
timeout=5
Server
Apache
vary
access-control-request-method,Access-Control-Request-Headers
ecommerce.js
www.google-analytics.com/plugins/ua/
1 KB
655 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f139.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:18:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1243
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 30 Jul 2024 17:18:17 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f139.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:18:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1243
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 30 Jul 2024 17:18:17 GMT
js
www.googletagmanager.com/gtag/
252 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c3ddba19da5e96a10b2724c8c1145373b14ac719b6e1594a7b9af0e8055f58e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90978
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jul 2024 16:39:00 GMT
collect
a.ad.gt/api/v1/
0
91 B
XHR
General
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8ab6c842c8e9ac93-YYZ
vary
Origin
getpixels
pixels.ad.gt/api/v1/
0
88 B
Script
General
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=4a1a7b053e2eaccc2f7d768b8c174400&url=https%3A%2F%2Fstateways.com%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8ab6c8455f37ab27-YYZ
halo_match
ids.ad.gt/api/v1/
0
0

ad300home.
fundingchoicesmessages.google.com/f/AGSKWxWO5Y1aAnaw2Tk4KEhoyha0Z-WEgFANQf1qMR5Gf4PwDLSb09uS7A3zQ2NUquVBuEZpDZsQ8C9-1R6aXIjy7KyXkZia0plzkq4L034qysqUpd4rLnv9FQ33H7cUbnSv95f5zyXlGH0CJQhDZ3_YiMh9Ooirt...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWO5Y1aAnaw2Tk4KEhoyha0Z-WEgFANQf1qMR5Gf4PwDLSb09uS7A3zQ2NUquVBuEZpDZsQ8C9-1R6aXIjy7KyXkZia0plzkq4L034qysqUpd4rLnv9FQ33H7cUbnSv95f5zyXlGH0CJQhDZ3_YiMh9OoirtOi9sHfAVtf-IZ626M2Uxye-vA3IETzj/_/t-ads._adchoices./iframedartad./responsive_ads./ad300home.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwnTbTmN7bbCFMFJjZE-5wmEhlLRg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f101.1e100.net
Software
ESF /
Resource Hash
b8fd4fb1c608284050d7c2e099581125286c05ee8459484dd19eb413bf25f9ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uJAzAcvriMPpf7nab0vXrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-uJAzAcvriMPpf7nab0vXrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HEvWLdnKJtDQ_vUdo5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgbmRhZ6BeXyBAQCrZTwq"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/
61 B
76 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwnTbTmN7bbCFMFJjZE-5wmEhlLRg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:34:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 17:34:55 GMT
AGSKWxVvi0dunkStJ3dau6YZFqkx3D4wLfgEr9SQ0bjpbazgYAeuwHmT6Lh0VE-eeQeeT1KLy5_9K3Cij_euzr4nWE_uYx4hYRUKbZ8VQo8-z91D4IU0CGD9621tVeqHjcViY4p3kUVvVA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvi0dunkStJ3dau6YZFqkx3D4wLfgEr9SQ0bjpbazgYAeuwHmT6Lh0VE-eeQeeT1KLy5_9K3Cij_euzr4nWE_uYx4hYRUKbZ8VQo8-z91D4IU0CGD9621tVeqHjcViY4p3kUVvVA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/am=Phg/d=1/rs=AJlcJMxJ6SqPXVz_qNg_tblT8qFSGgu05w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jq7nkR7gxddcfJNhZUQ3UQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-jq7nkR7gxddcfJNhZUQ3UQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUD8-fE51t9AvCTiIuuRxIusQjwcS9Yt2com0LD6-2QmJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYG5kqWdgHl9gAAA7SiuH"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://stateways.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://stateways.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 30 Jul 2024 16:39:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://stateways.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://stateways.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 30 Jul 2024 16:39:00 GMT
trinity.json
apex.go.sonobi.com/
2 KB
2 KB
Fetch
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22249c2940665ed2%22%3A%2245554303f645710893f7%7C970x90%2C728x90%7Cgpid%3D%2F35190362%2FSWY_ROS_970_Top%23div-gpt-ad-1588190410881-0%2Cc%3Dd%2C%22%2C%223fbf756950d889%22%3A%2245554303f645710893f7%7C970x90%2C728x90%7Cgpid%3D%2F35190362%2FSWY_ROS_728_Top%23div-gpt-ad-1588190070930-0%2Cc%3Dd%2C%22%2C%22486876e6965ebb%22%3A%2245554303f645710893f7%7C728x90%7Cgpid%3D%2F35190362%2FSWY_ROS_728_Middle%23div-gpt-ad-1627934789523-0%2Cc%3Dd%2C%22%2C%225dbcac34d758a5%22%3A%2245554303f645710893f7%7C728x90%7Cgpid%3D%2F35190362%2FSWY_ROS_728_Bottom%23div-gpt-ad-1627934748447-0%2Cc%3Dd%2C%22%2C%2264cab4623cd8b2%22%3A%2245554303f645710893f7%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F35190362%2FSWY_ROS_300_Top%23div-gpt-ad-1554392310720-0%2Cc%3Dd%2C%22%2C%22762f9d5eb30364%22%3A%2245554303f645710893f7%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F35190362%2FSWY_ROS_300_Middle%23div-gpt-ad-1554489921736-0%2Cc%3Dd%2C%22%2C%22884e22e21b49a6%22%3A%2245554303f645710893f7%7C300x600%2C160x600%2C300x250%7Cgpid%3D%2F35190362%2FSWY_ROS_300_Bottom%23div-gpt-ad-1627935533051-0%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fstateways.com%2F&s=38d2c3bd-237a-4f1f-97c3-173caa5dbacd&pv=df0fd514-be26-44c0-85d0-a0ecdf452331&vp=desktop&lib_name=prebid&lib_v=8.52.0&us=0&iqid=%7B%22pcid%22%3A%229f773db6-3ecc-441b-93b7-25fe5951dadc%22%2C%22pcidDate%22%3A1722357540529%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22stateways.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22stateways.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fstateways.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediafuse.com%22%2C%22sid%22%3A%22144%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223709492c-5aa9-45a9-b73b-e67aea32f2e0%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b59585519199c1bc8626e4428c532f3495bf5500585cc636a675ce095906a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-114
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
803
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/
0
191 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.0&cb=48344962396&lsavail=1
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:38:59 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/
0
111 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/
11 B
231 B
Fetch
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:38:52 GMT
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
hbjson
grid.bidswitch.net/
24 B
262 B
Fetch
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a8582ebd34fb338f48523ed8d1879b77e5e56a2ce178747438e5715248700969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
nginx
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
49
pb
ad.360yield.com/1628/
0
366 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
367 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
366 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
365 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
367 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
366 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
366 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
367 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
367 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
367 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
367 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
367 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
367 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
367 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/1628/
0
367 B
Fetch
General
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.154.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
176 B
Fetch
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
access-control-max-age
3600
access-control-allow-credentials
true
vary
Origin
access-control-allow-methods
POST
prebid
prebid.media.net/rtb/
56 B
207 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO2I9ST
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
103
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jul 2024 16:39:00 GMT
ROS
pbjs.e-planning.net/hb/1/2e43c/1/stateways.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/stateways.com/ROS?rnd=0.6758751991897949&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B728x90_2%3A728x90%2B728x90_3%3A728x90%2B300x250_0%3A3...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/stateways.com/ROS?ct=1&r=pbjs&rnd=0.6758751991897949&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B728x90_2%3A728x90%2B728x90_3%3A728x90%2B300...
167 B
631 B
Fetch
General
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/stateways.com/ROS?ct=1&r=pbjs&rnd=0.6758751991897949&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B728x90_2%3A728x90%2B728x90_3%3A728x90%2B300x250_0%3A300x250%2C300x600%2C160x600%2B300x250_1%3A300x250%2C300x600%2C160x600%2B300x250_2%3A300x250%2C300x600%2C160x600&ur=https%3A%2F%2Fstateways.com%2F&pbv=8.52.0&ncb=1&vs=FFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fstateways.com%2F&ccpa=1---&e_pubcid=3709492c-5aa9-45a9-b73b-e67aea32f2e0
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
81ad599b03f27c2eb6913323bb5897bd52582c9e5196856ff7fbf96a7345bbcd

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sid
IAD-1216
date
Tue, 30 Jul 2024 16:39:00 GMT
server
openresty
accept-ch
sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
content-type
application/json
access-control-allow-origin
https://stateways.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
167
expires
Tue, 30 Jul 2024 16:39:00 GMT

Redirect headers

date
Tue, 30 Jul 2024 16:39:00 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://stateways.com
location
/hb/1/2e43c/1/stateways.com/ROS?ct=1&r=pbjs&rnd=0.6758751991897949&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90%2B728x90_2%3A728x90%2B728x90_3%3A728x90%2B300x250_0%3A300x250%2C300x600%2C160x600%2B300x250_1%3A300x250%2C300x600%2C160x600%2B300x250_2%3A300x250%2C300x600%2C160x600&ur=https%3A%2F%2Fstateways.com%2F&pbv=8.52.0&ncb=1&vs=FFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fstateways.com%2F&ccpa=1---&e_pubcid=3709492c-5aa9-45a9-b73b-e67aea32f2e0
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
IAD-1216
c
prebid.a-mo.net/a/
0
207 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:38:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
origin, accept-encoding, Accept-Encoding
prebid
prebid.media.net/rtb/
56 B
539 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
104
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jul 2024 16:39:00 GMT
prebid
ssp.disqus.com/bid/
0
283 B
Fetch
General
Full URL
https://ssp.disqus.com/bid/prebid?sid=710
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.117.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-117-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
cache-control
no-store
access-control-allow-credentials
true
vary
origin
expires
0
prebid
ib.adnxs.com/ut/v3/
54 KB
14 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
45c0c4becdf9a79709e86f0a410bb23b6c6a11dced99927ccdf07ff21469a772
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
an-x-request-uuid
d6d57a80-f24f-4b05-a731-35e8160a826d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/
2 KB
2 KB
Fetch
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2211791858e3c65086%22%3A%2255f3dde57d605f7ad35c%7C728x90%2C970x90%7Cgpid%3D%2F35190362%2FSWY_ROS_970_Top%23div-gpt-ad-1588190410881-0%2Cc%3Dd%2C%22%2C%22118dce4035a9eef3%22%3A%2255f3dde57d605f7ad35c%7C728x90%2C970x90%7Cgpid%3D%2F35190362%2FSWY_ROS_728_Top%23div-gpt-ad-1588190070930-0%2Cc%3Dd%2C%22%2C%221197f5220646717%22%3A%2255f3dde57d605f7ad35c%7C728x90%7Cgpid%3D%2F35190362%2FSWY_ROS_728_Middle%23div-gpt-ad-1627934789523-0%2Cc%3Dd%2C%22%2C%22120967bb46b9b8d2%22%3A%2255f3dde57d605f7ad35c%7C728x90%7Cgpid%3D%2F35190362%2FSWY_ROS_728_Bottom%23div-gpt-ad-1627934748447-0%2Cc%3Dd%2C%22%2C%22121a8e3b48394a87%22%3A%2255f3dde57d605f7ad35c%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F35190362%2FSWY_ROS_300_Top%23div-gpt-ad-1554392310720-0%2Cc%3Dd%2C%22%2C%2212220f8183cc00f6%22%3A%2255f3dde57d605f7ad35c%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F35190362%2FSWY_ROS_300_Middle%23div-gpt-ad-1554489921736-0%2Cc%3Dd%2C%22%2C%22123c2b85695477c5%22%3A%2255f3dde57d605f7ad35c%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F35190362%2FSWY_ROS_300_Bottom%23div-gpt-ad-1627935533051-0%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fstateways.com%2F&s=f8381848-9f91-4a70-ac68-a9929d5f0813&pv=df0fd514-be26-44c0-85d0-a0ecdf452331&vp=desktop&lib_name=prebid&lib_v=8.52.0&us=0&iqid=%7B%22pcid%22%3A%229f773db6-3ecc-441b-93b7-25fe5951dadc%22%2C%22pcidDate%22%3A1722357540529%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22stateways.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22stateways.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fstateways.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22283366%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223709492c-5aa9-45a9-b73b-e67aea32f2e0%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
3438aba5d51070c3e9a774447370836a103669de35fcb23d9be86ece5aac5195
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
754
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/
0
154 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, accept-encoding, Accept-Encoding
hb
ssc.33across.com/api/v1/
119 B
356 B
Fetch
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=b-64TSyTCr7RPcrkHcnnVW
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1f9cc374f5801372c1c766d7d0bdfafe314420e5a5e0e03c34249653d55862d1

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://stateways.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
119 B
195 B
Fetch
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=b-64TSyTCr7RPcrkHcnnVW
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1f9cc374f5801372c1c766d7d0bdfafe314420e5a5e0e03c34249653d55862d1

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://stateways.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
119 B
186 B
Fetch
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=b-64TSyTCr7RPcrkHcnnVW
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1f9cc374f5801372c1c766d7d0bdfafe314420e5a5e0e03c34249653d55862d1

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://stateways.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
119 B
195 B
Fetch
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=b-64TSyTCr7RPcrkHcnnVW
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1f9cc374f5801372c1c766d7d0bdfafe314420e5a5e0e03c34249653d55862d1

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://stateways.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
119 B
186 B
Fetch
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=b-64TSyTCr7RPcrkHcnnVW
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1f9cc374f5801372c1c766d7d0bdfafe314420e5a5e0e03c34249653d55862d1

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://stateways.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
119 B
186 B
Fetch
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=b-64TSyTCr7RPcrkHcnnVW
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1f9cc374f5801372c1c766d7d0bdfafe314420e5a5e0e03c34249653d55862d1

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://stateways.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
119 B
195 B
Fetch
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=b-64TSyTCr7RPcrkHcnnVW
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1f9cc374f5801372c1c766d7d0bdfafe314420e5a5e0e03c34249653d55862d1

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://stateways.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdb
bidder.criteo.com/
0
192 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.0&cb=5731853797&lsavail=1
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:00 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/
391 B
425 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24434&site_id=423220&zone_id=2404598&size_id=2&alt_size_ids=55&us_privacy=1---&rp_schain=1.0,1!mediafuse.com,144,1,,,&eid_pubcid.org=3709492c-5aa9-45a9-b73b-e67aea32f2e0%5E1&rf=https%3A%2F%2Fstateways.com%2F&tg_i.domain=stateways.com&tg_i.page=https%3A%2F%2Fstateways.com%2F&tg_i.pbadslot=%2F35190362%2FSWY_ROS_970_Top%23div-gpt-ad-1588190410881-0&tk_flint=pbjs_lite_v8.52.0&l_pb_bid_id=15860cc2b4bb511d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F35190362%2FSWY_ROS_970_Top%23div-gpt-ad-1588190410881-0&m_ch_mobile=%3F0&slots=1&rand=0.8994135763775581
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
97371c27cc246257f81839991c10834569156f1ec90012e95fa9954e5067ef87

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
391 B
425 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24434&site_id=423220&zone_id=2404598&size_id=2&alt_size_ids=55&us_privacy=1---&rp_schain=1.0,1!mediafuse.com,144,1,,,&eid_pubcid.org=3709492c-5aa9-45a9-b73b-e67aea32f2e0%5E1&rf=https%3A%2F%2Fstateways.com%2F&tg_i.domain=stateways.com&tg_i.page=https%3A%2F%2Fstateways.com%2F&tg_i.pbadslot=%2F35190362%2FSWY_ROS_728_Top%23div-gpt-ad-1588190070930-0&tk_flint=pbjs_lite_v8.52.0&l_pb_bid_id=159687b5593c92a9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F35190362%2FSWY_ROS_728_Top%23div-gpt-ad-1588190070930-0&m_ch_mobile=%3F0&slots=1&rand=0.6489558586364856
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
52ca1b930916c7dd73c1ede8e466e960178724d6bb7bc88abc059468f4d9ce41

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
374 B
581 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24434&site_id=423220&zone_id=2404598&size_id=2&us_privacy=1---&rp_schain=1.0,1!mediafuse.com,144,1,,,&eid_pubcid.org=3709492c-5aa9-45a9-b73b-e67aea32f2e0%5E1&rf=https%3A%2F%2Fstateways.com%2F&tg_i.domain=stateways.com&tg_i.page=https%3A%2F%2Fstateways.com%2F&tg_i.pbadslot=%2F35190362%2FSWY_ROS_728_Middle%23div-gpt-ad-1627934789523-0&tk_flint=pbjs_lite_v8.52.0&l_pb_bid_id=160f698ebfc5f22c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F35190362%2FSWY_ROS_728_Middle%23div-gpt-ad-1627934789523-0&m_ch_mobile=%3F0&slots=1&rand=0.38988508461930227
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0fa4e429088ac8574a5e085bf11e77be832ba92b51774cf1c5fce8e93db8896e

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
374
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
374 B
408 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24434&site_id=423220&zone_id=2404598&size_id=2&us_privacy=1---&rp_schain=1.0,1!mediafuse.com,144,1,,,&eid_pubcid.org=3709492c-5aa9-45a9-b73b-e67aea32f2e0%5E1&rf=https%3A%2F%2Fstateways.com%2F&tg_i.domain=stateways.com&tg_i.page=https%3A%2F%2Fstateways.com%2F&tg_i.pbadslot=%2F35190362%2FSWY_ROS_728_Bottom%23div-gpt-ad-1627934748447-0&tk_flint=pbjs_lite_v8.52.0&l_pb_bid_id=161dc7fa08538a34&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F35190362%2FSWY_ROS_728_Bottom%23div-gpt-ad-1627934748447-0&m_ch_mobile=%3F0&slots=1&rand=0.9208392120527151
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
218c2cead85c9a06900401035d8635a8a6d7a349ba56d0b3e470af3cd33a425f

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
374
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
394 B
428 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24434&site_id=423220&zone_id=2404598&size_id=15&alt_size_ids=9%2C10&us_privacy=1---&rp_schain=1.0,1!mediafuse.com,144,1,,,&eid_pubcid.org=3709492c-5aa9-45a9-b73b-e67aea32f2e0%5E1&rf=https%3A%2F%2Fstateways.com%2F&tg_i.domain=stateways.com&tg_i.page=https%3A%2F%2Fstateways.com%2F&tg_i.pbadslot=%2F35190362%2FSWY_ROS_300_Top%23div-gpt-ad-1554392310720-0&tk_flint=pbjs_lite_v8.52.0&l_pb_bid_id=162e709e59bdd774&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F35190362%2FSWY_ROS_300_Top%23div-gpt-ad-1554392310720-0&m_ch_mobile=%3F0&slots=1&rand=0.7807230128358817
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
327bcfa6fc42b9fd72385f5b28a856d2adb2c63db3a5eacfe64ccab0214d3fc3

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
394
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
397 B
431 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24434&site_id=423220&zone_id=2404598&size_id=15&alt_size_ids=9%2C10&us_privacy=1---&rp_schain=1.0,1!mediafuse.com,144,1,,,&eid_pubcid.org=3709492c-5aa9-45a9-b73b-e67aea32f2e0%5E1&rf=https%3A%2F%2Fstateways.com%2F&tg_i.domain=stateways.com&tg_i.page=https%3A%2F%2Fstateways.com%2F&tg_i.pbadslot=%2F35190362%2FSWY_ROS_300_Middle%23div-gpt-ad-1554489921736-0&tk_flint=pbjs_lite_v8.52.0&l_pb_bid_id=163adcf292d72e36&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F35190362%2FSWY_ROS_300_Middle%23div-gpt-ad-1554489921736-0&m_ch_mobile=%3F0&slots=1&rand=0.021534462405203403
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c33a676bd3eea1fd7eeca62c44c0e0d2460ba87528b01add32cfb311d919cef2

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
397 B
431 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24434&site_id=423220&zone_id=2404598&size_id=15&alt_size_ids=9%2C10&us_privacy=1---&rp_schain=1.0,1!mediafuse.com,144,1,,,&eid_pubcid.org=3709492c-5aa9-45a9-b73b-e67aea32f2e0%5E1&rf=https%3A%2F%2Fstateways.com%2F&tg_i.domain=stateways.com&tg_i.page=https%3A%2F%2Fstateways.com%2F&tg_i.pbadslot=%2F35190362%2FSWY_ROS_300_Bottom%23div-gpt-ad-1627935533051-0&tk_flint=pbjs_lite_v8.52.0&l_pb_bid_id=164f9e839665da13&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F35190362%2FSWY_ROS_300_Bottom%23div-gpt-ad-1627935533051-0&m_ch_mobile=%3F0&slots=1&rand=0.905721085850087
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
289080fe99a1ac9072ca848dc835bb34da458d9416cc7032a77e799599d88df6

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
39 KB
11 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a66e8c3d2028293e84c41757d64e43495bd9ad5ed1e40c285e643546ab676ad4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
content-encoding
gzip
an-x-request-uuid
6ed9bee5-c4c0-446b-a457-bcb84346c7e9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/
15 B
410 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://stateways.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
adreq
ads.servenobid.com/
645 B
664 B
Fetch
General
Full URL
https://ads.servenobid.com/adreq?cb=4035
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.242.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-242-236.compute-1.amazonaws.com
Software
/
Resource Hash
bbe6df5ce9e35ec2c1b0964d04d0f68d56f672bfe4dfdb062a1c9705249542b7

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:01 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://stateways.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
/
ghb.adtelligent.com/v2/auction/
27 KB
2 KB
Fetch
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b5c0875d9860fb693414d34f77a5aeadcef64715765f9435e72bcb5c6b6dc304

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 30 Jul 2024 16:39:00 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://stateways.com
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1699
unruly_prebid
targeting.unrulymedia.com/
11 B
230 B
Fetch
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:00 GMT
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
AGSKWxVvi0dunkStJ3dau6YZFqkx3D4wLfgEr9SQ0bjpbazgYAeuwHmT6Lh0VE-eeQeeT1KLy5_9K3Cij_euzr4nWE_uYx4hYRUKbZ8VQo8-z91D4IU0CGD9621tVeqHjcViY4p3kUVvVA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvi0dunkStJ3dau6YZFqkx3D4wLfgEr9SQ0bjpbazgYAeuwHmT6Lh0VE-eeQeeT1KLy5_9K3Cij_euzr4nWE_uYx4hYRUKbZ8VQo8-z91D4IU0CGD9621tVeqHjcViY4p3kUVvVA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/am=Phg/d=1/rs=AJlcJMxJ6SqPXVz_qNg_tblT8qFSGgu05w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-em1xyK6xsky8bh-P5DTKxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-em1xyK6xsky8bh-P5DTKxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw7Fk3ZKtbAIndi1azaTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMjSz1DMzjCwwARBsrow"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVvi0dunkStJ3dau6YZFqkx3D4wLfgEr9SQ0bjpbazgYAeuwHmT6Lh0VE-eeQeeT1KLy5_9K3Cij_euzr4nWE_uYx4hYRUKbZ8VQo8-z91D4IU0CGD9621tVeqHjcViY4p3kUVvVA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvi0dunkStJ3dau6YZFqkx3D4wLfgEr9SQ0bjpbazgYAeuwHmT6Lh0VE-eeQeeT1KLy5_9K3Cij_euzr4nWE_uYx4hYRUKbZ8VQo8-z91D4IU0CGD9621tVeqHjcViY4p3kUVvVA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/am=Phg/d=1/rs=AJlcJMxJ6SqPXVz_qNg_tblT8qFSGgu05w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZP8t7YCSrjoK_da7bYSeWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZP8t7YCSrjoK_da7bYSeWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw7Fk3ZKtbAIzJm_ZyaTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMjSz1DMzjCwwAN1crdA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVvi0dunkStJ3dau6YZFqkx3D4wLfgEr9SQ0bjpbazgYAeuwHmT6Lh0VE-eeQeeT1KLy5_9K3Cij_euzr4nWE_uYx4hYRUKbZ8VQo8-z91D4IU0CGD9621tVeqHjcViY4p3kUVvVA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvi0dunkStJ3dau6YZFqkx3D4wLfgEr9SQ0bjpbazgYAeuwHmT6Lh0VE-eeQeeT1KLy5_9K3Cij_euzr4nWE_uYx4hYRUKbZ8VQo8-z91D4IU0CGD9621tVeqHjcViY4p3kUVvVA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/am=Phg/d=1/rs=AJlcJMxJ6SqPXVz_qNg_tblT8qFSGgu05w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YTSFrvkP5dHNb3DvJ2s7TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-YTSFrvkP5dHNb3DvJ2s7TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw7Fk3ZKtbAI_Nh7bxaTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMjSz0DMzjCwwAXnYr_Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWT5ULoF-qOzzPdhaw-v0574D7jaiP2tQEtW1Y8kS_N2vcuScH7yo3me7WTvd0qnZhoxuNSvsjrpjugPySV0k1VuNwvynGtaM99Ff13xLWnOvr79FdUvHNTOFkMsXAwM3O5Q_CAdw==
fundingchoicesmessages.google.com/f/
8 KB
3 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWT5ULoF-qOzzPdhaw-v0574D7jaiP2tQEtW1Y8kS_N2vcuScH7yo3me7WTvd0qnZhoxuNSvsjrpjugPySV0k1VuNwvynGtaM99Ff13xLWnOvr79FdUvHNTOFkMsXAwM3O5Q_CAdw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyMzU3NTQwLDYwMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vc3RhdGV3YXlzLmNvbS8iLG51bGwsW1s4LCJvbFB4RzB1cUF2dyJdLFs5LCJlbi1VUyJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxODldLG51bGwsNl0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/am=Phg/d=1/rs=AJlcJMxJ6SqPXVz_qNg_tblT8qFSGgu05w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f101.1e100.net
Software
ESF /
Resource Hash
2ce1b69b06e509223f4a267b45e7d790d6a79ca763f9ef19f1f0272fbab4e115
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MKGsV0DU2NPma1ekSX1lKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-MKGsV0DU2NPma1ekSX1lKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw05BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HEvWLdnKJtCxZflGJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA3MjCz0D8_gCAwCfqDva"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV8ZLfPmb5HLvLZhLXh6J2mi7_Nus3Wq7MGJ1lHNhJzLWOV5g4v1IMQY6guMLgmNIZFKBphVcalFfg-bIY6K8Q_Jo_sO3U53VHmHom0g9kHOdtX4WowcaI65enmW-jLeFOYgQL0yQ==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV8ZLfPmb5HLvLZhLXh6J2mi7_Nus3Wq7MGJ1lHNhJzLWOV5g4v1IMQY6guMLgmNIZFKBphVcalFfg-bIY6K8Q_Jo_sO3U53VHmHom0g9kHOdtX4WowcaI65enmW-jLeFOYgQL0yQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyMzU3NTQwLDY3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vc3RhdGV3YXlzLmNvbS8iLG51bGwsW1s4LCJvbFB4RzB1cUF2dyJdLFs5LCJlbi1VUyJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxODldLG51bGwsNl0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/am=Phg/d=1/rs=AJlcJMxJ6SqPXVz_qNg_tblT8qFSGgu05w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f101.1e100.net
Software
ESF /
Resource Hash
7b75c7e6334b4479ba66025dd55a2c97dd99458faaa2d97a8c49749ddf4d3385
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aE8onWUWtF_tkqQgFrK3wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-aE8onWUWtF_tkqQgFrK3wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HEvWLdnKJrBh7-drTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBuZGFnoG5vEFBgC1Ojxv"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVLOO0wHUwm0zjFpKnGE81VgpJgzi1Bqm34LlrCkrSrz9Nwspj5hq_JP3ju30KJ57LauIARs0D76NjQXwGUQAdFBoqEZohC-IppL_xIBRdEYBk3ZRvz3JNcN0-3gvNFyo42q65FSg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVLOO0wHUwm0zjFpKnGE81VgpJgzi1Bqm34LlrCkrSrz9Nwspj5hq_JP3ju30KJ57LauIARs0D76NjQXwGUQAdFBoqEZohC-IppL_xIBRdEYBk3ZRvz3JNcN0-3gvNFyo42q65FSg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyMzU3NTQwLDc0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zdGF0ZXdheXMuY29tLyIsbnVsbCxbWzgsIm9sUHhHMHVxQXZ3Il0sWzksImVuLVVTIl0sWzIyLCJ0cnVlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDE4OV0sbnVsbCw2XSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/am=Phg/d=1/rs=AJlcJMxJ6SqPXVz_qNg_tblT8qFSGgu05w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f101.1e100.net
Software
ESF /
Resource Hash
93efd9d0cdc921da64302c19cd8d4f6ce0b83640be78ca7a38e30c7036882ec5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-W400URWydhTzveHFKOVsrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-W400URWydhTzveHFKOVsrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HEvWLdnKJrCh-fhPJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA3MjCz0D8_gCAwCwvjw6"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXxDhfy_Z2znJZOiGtK74L7NdGYt8kUbaj4lW9kjJ_BEy1hAwSCsGEt-CpOXVwA2TbgZ-PUdbIGNvu4x7s2mbU7h636YcPvntAl2BNPjjNfcKGP5DvpA9wJGJQi8GwjmFp_pjKXNQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXxDhfy_Z2znJZOiGtK74L7NdGYt8kUbaj4lW9kjJ_BEy1hAwSCsGEt-CpOXVwA2TbgZ-PUdbIGNvu4x7s2mbU7h636YcPvntAl2BNPjjNfcKGP5DvpA9wJGJQi8GwjmFp_pjKXNQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/am=Phg/d=1/rs=AJlcJMxJ6SqPXVz_qNg_tblT8qFSGgu05w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QsukIaG0GEoxEGBJMwn78g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QsukIaG0GEoxEGBJMwn78g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUD8-fE51t9AvCTiIuuRxIusQjwcS9Yt2comMGPR1KnMSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwNzIQs_APL7AAAAklis2"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
263 KB
33 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2955668029726201&correlator=2109859581506415&eid=31079957%2C31083344%2C31085621%2C31085717%2C31084125%2C31084181%2C44777897%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=35190362%2CSWY_ROS_970_Top%2CSWY_ROS_728_Top%2CSWY_ROS_728_Middle%2CSWY_ROS_728_Bottom%2CSWY_ROS_300_Top%2CSWY_ROS_300_Middle%2CSWY_ROS_300_Bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=970x90%7C728x90%2C970x90%7C728x90%2C728x90%2C728x90%2C300x250%7C160x600%7C300x600%2C300x250%7C160x600%7C300x600%2C300x600%7C160x600%7C300x250&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc793699f0706f2d1%3AT%3D1722357539%3ART%3D1722357539%3AS%3DALNI_Ma_MtTk75wFwBGD13ngbbOqdcki4Q&gpic=UID%3D00000ec324267b38%3AT%3D1722357539%3ART%3D1722357539%3AS%3DALNI_MY72laM8eh9X9Tcaovcmx7_GknoBA&abxe=1&dt=1722357541287&lmt=1722357541&adxs=315%2C575%2C259%2C436%2C1012%2C1027%2C-9&adys=251%2C56%2C853%2C2133%2C343%2C875%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C0%7C0%7C-1&ucis=4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstateways.com%2F&vis=1&psz=970x44%7C728x0%7C728x94%7C728x94%7C328x0%7C300x44%7C0x-1&msz=970x0%7C728x0%7C728x50%7C728x50%7C328x0%7C300x0%7C0x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C2&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722357538752&idt=596&prev_scp=hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1588190410881-0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1588190070930-0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1627934789523-0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1627934748447-0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1554392310720-0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1554489921736-0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1627935533051-0%26excl_cat%3DPREPOST&adks=4207453346%2C2637651183%2C2810809788%2C439879255%2C3441874940%2C829215918%2C3403528296&frm=20&eo_id_str=ID%3D9cb43830dccca656%3AT%3D1722357539%3ART%3D1722357539%3AS%3DAA-AfjYolNDLypa5sz73TLGREVql
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
5f453b08230333dab9062630d91295ec2a924932d6f54c69889c0920ab79a5be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33473
x-xss-protection
0
google-lineitem-id
-1,6754488866,6750224322,5817520472,6752383324,5818681672,5817436071
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138482080077,138481965473,138368693239,138482555926,138369009868,138369010312
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://stateways.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
edcf82e9dbcf1afc5a902539b7f89375.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8837
0
0
Document
General
Full URL
https://edcf82e9dbcf1afc5a902539b7f89375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 16:38:59 GMT
expires
Tue, 30 Jul 2024 16:38:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 88FC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmdnVVarmZe_pEPMskHrJyJIhJemE2eI9HavHD_T3JhLCbgw2PZWelTvfbPsWU4_4RotVTS-62IltgVB9u9cH0BCyGOCCFwPda_HW0IL1ZPseJ3BuZZmYGt72TDwwZjM1nJtpmfqDwLNsuOfOWsRuyWu3ADWFFcJaDWMJnP7OCA9frQkD5lkQgN8KKc66hQPGf6ZGKn1vE1t4C7lJLP84tACLZi3UuFdckqUTD7T1AtaUqCMczDms6DG8icvUbzUa0IQEzTXzf9WvMGzpfg6eMcaDcymDlnJNAZdYZqtlTZ_CMMOEF-_NBr5DYPH_VENTqROffi37k-E9cJ0v3Dt4&sai=AMfl-YQr-YTokhMvcEXj4sEyq1lEo7gt9qoudZlW2h-L54f25pA4KLg6Fb10WTLXnYWPTNQ1z4iGcTNT5gMJUyMd8Wp-2tfdU41pKMbDl3PXpQ0lstuSfEPk6shqz19gFkc&sig=Cg0ArKJSzOAgT_ysl4DvEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240725/r20110914/client/ Frame 88FC
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240725/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 16:02:18 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 88FC
203 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
40bc14b8cdbe439a52a8400448f4e1b4183e2a7fde6514caa9d1c75fe70f041e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 15:47:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
3096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64479
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:47:25 GMT
14658744618140009874
tpc.googlesyndication.com/simgad/ Frame 88FC
64 KB
64 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14658744618140009874
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e0034fa3b8b119a32fcfe9c78613f133ee7b7fd45084742524623ca46e4223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Fri, 26 Jul 2024 23:15:52 GMT
x-content-type-options
nosniff
age
321789
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65615
x-xss-protection
0
last-modified
Thu, 11 Jul 2024 12:54:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Jul 2025 23:15:52 GMT
l
www.google.com/ads/measurement/ Frame 88FC
0
0

view
securepubads.g.doubleclick.net/pcs/ Frame E723
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4BCdUgyayq3xLzm1Vbc-2Ab7KDSvFcMaqjfD9HVlJDrFSS9GaVAcauIUB9SEoJ0HPkaiy_6gx_u20P3hf30i2G58h0fH9R8EdthhQ3POwSpBQRbElg25KTmC-zOkqZFbc7xwKPhCZFATgO5J-WENEJ8bHzC0-rAV3CRRR1kuEX-1RvwVrbs2x386CP8ydJvOaoHMBZ_945h2yu-Ip2W8JPeLiMJmXej8WOQXavOYaN42UKEUmLTwSKanx7Q--86LAS3iRlPTDTj9BZ_B5hwtVAjBD66OispP6xqJflYaKsyrK9hCiBstoLyc6gqbD9kNcWhX7nLon3AYuA_6Cy7679n4&sai=AMfl-YQQuBGCove5idG6MoJ7sRfCIMJy4zwk9qsNQB711c1tLEEKr4b7WWg0X-v4xYyu5Sz-2wbTa5HdRde9YrH64_6UvOtGPXuzkfOa6uzWloecMgrflxNmYPySp20ml7Y&sig=Cg0ArKJSzKxbH2x7L4flEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240725/r20110914/client/ Frame E723
3 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240725/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 16:02:18 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E723
203 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
40bc14b8cdbe439a52a8400448f4e1b4183e2a7fde6514caa9d1c75fe70f041e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 15:47:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
3096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64479
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:47:25 GMT
8660335865949480792
tpc.googlesyndication.com/simgad/ Frame E723
49 KB
49 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8660335865949480792
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1040fa907e0ebaaa288ff64b358517b7560aa2034494cf5f3efa9abf9872e1b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Fri, 26 Jul 2024 23:16:17 GMT
x-content-type-options
nosniff
age
321764
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50385
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 13:58:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Jul 2025 23:16:17 GMT
l
www.google.com/ads/measurement/ Frame E723
0
0

view
securepubads.g.doubleclick.net/pcs/ Frame 5265
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1IDkxUZAXxs5yt-b4AFj3nj3fUT2HADP0MYIZx3RADQNeTxVo9cQ4tXOFRvZgx_pBV8eYSM4PEobZmU-HI0j-8xkFbkOCpfRWlxgKyoKdL7yH4YGAJ-DZwZbDT3rcDZFXamvyFrcSx3tSy39XVXX6wDv2FVb9rAWVUED2CAbLamnP94TzxzXWraoarRW_OS4LQHuh-I5tY5FVW_-swnJD9mXVla90F8aX8FPx72JyDs56VLHBjvPD2chPw4PlUTK8a-498DxTL-_tWZN7pa1K5Y5MCwrgPotQ6SDPZNzGM-lAO3wQAEYRFVxVswVaL4GIuLttNJH09eToM9u9MGnL1i6B9yZ4gZohfAaGAtB9rOeZXdcBMt7T9gQ6&sai=AMfl-YRx9a1KrDEvvX9e79Mi7a-LWJ9GCxJkjKFnN0W6SvJcNXD_9RG89yCQHW6Dy9ZKIcCvNY5XmDYeBCQ7ZTCAUIQz9c62CFBcGa2aGvc7eqQs-guCmp7LuGrfDyfKDYs&sig=Cg0ArKJSzFUdgvEHDhhtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.js
cdn1.opstag.com/14191/ Frame 5265
14 KB
6 KB
Script
General
Full URL
https://cdn1.opstag.com/14191/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-40.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5916e3b07f47ba2e0585a498732da9c321bff72b17d3008ce9eefe6b00e0b4f

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:03 GMT
content-encoding
gzip
via
1.1 6f70804d483d6d4c1e564e18fcd2c96c.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2024 04:02:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
"5ba826b1c82dc9f401ebc1388804260b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
5446
x-amz-cf-id
olgmWNBj541QhPqVBBf4VshEU4tryf03_Ea3DaqXu1QWxj5vnTwXPQ==
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5265
203 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
40bc14b8cdbe439a52a8400448f4e1b4183e2a7fde6514caa9d1c75fe70f041e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 15:47:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
3096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64479
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:47:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 36C6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZsRPoGHUrHMPnKnZDJw2wAe8axLphvLHKNmIAi7uT9etkIevQfQjuKNpYHz3I9vDCn9RF8qxU1kmQtJDXol9WkdzgcJFlmkWUdZIZ1BD3Vlb37NFfB5XnchfG8Nze63VLpzYnkZFIRw4OGwFKkSrKeuQSrTDipntyqS20iquyWUIoPC3qHS4nb_ewQ3cHJTX607I7tSNmS7lBQftYlHW8h02sLcgnRTNfffHaBi1MbAc1b3z5jGA1pkxMlCQBpmgPvPOCLE2RMv9R2KhVO59c9ITCCOeeIzkRrxAsc75IMXBosag8sgDszJUt8fbYGUWvaa_F7Tmpe-3DGpL7FB8&sai=AMfl-YTcRo4yW5A0H28lXsuWdx4VPEnNAIA_ed5VsDYILXn1qd8KWeNGrXs-C53x9x1NGT2WBmBPVO15IBhqpNaJZ2nxBlEiLq7Nd0aCQvGF2HEDFtTFf3G-pEUTy_cMHUg&sig=Cg0ArKJSzMTol2r9IJJYEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240725/r20110914/client/ Frame 36C6
3 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240725/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 16:02:18 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 36C6
203 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
40bc14b8cdbe439a52a8400448f4e1b4183e2a7fde6514caa9d1c75fe70f041e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 15:47:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
3096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64479
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:47:25 GMT
17986455079715115930
tpc.googlesyndication.com/simgad/ Frame 36C6
68 KB
68 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17986455079715115930
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
994310b027de5fe426b01cd82ae5dae4f7262d84b5f0c63694614647f5295bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Wed, 30 Jul 2025 16:39:01 GMT
date
Tue, 30 Jul 2024 16:39:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69494
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 13:25:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 36C6
0
0

view
securepubads.g.doubleclick.net/pcs/ Frame 1520
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss--wKefIsYEZ46m-WaI_W0C7T8dzGc_8-DShY1wWbSUoXLvnJHFz3OWEY3ENKsUnrtuXNAk3gIPdqu2Lo6miuYAVlgbJRJOEvILVA8rSZlqOHXBOkbXZCoxx95spnlw1tn2sFEcz1XyUm_-UUmBTgrZWOToORub9XV_kk1X1XiIBEEI8aIDdC5mLQx6swBkhMcAQekE6kmT2SiZZsvmE60lncprHUFXhQdpl2OkwuIrIhTfEgn5aPP8OCbh9frI4sAG_SXNTnD1kOCgamoRxOn4kl7OHYpGnDhahojEopjy7QaZ7JvfQL0aQ9P3e83_4wluBgoFkIiBqFoWM0fNemsLdGUqvn9cncvZSs-yHrC1kBLomQRsA62wgmT&sai=AMfl-YSOI4QCBDM9s-V5mlkyUyTjrt6llNj3CAN5XSMBqVpltorYQAN8jWlz7_MOeLbXHR-xpna8HQaQsmgBuiJQb-cs1YXs7oI52r1nK388kvUUYnqinLzmNAPUKlwtuhE&sig=Cg0ArKJSzE8VJ8Ax--kzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.js
cdn1.opstag.com/14193/ Frame 1520
14 KB
6 KB
Script
General
Full URL
https://cdn1.opstag.com/14193/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-40.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
180815afd33f9658fa268f327ddaff2375d3e1730aae10094bab30c5cd995ce6

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:03 GMT
content-encoding
gzip
via
1.1 6f70804d483d6d4c1e564e18fcd2c96c.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2024 05:58:05 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
"0dc1ed9a8db6615cbd9b495f7712e19e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
5448
x-amz-cf-id
EzZNavf3gzJeVEOFLAn6Ei4aALhXSH_Zn6dJyNRS9Xshe6HrOlvRvQ==
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1520
203 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
40bc14b8cdbe439a52a8400448f4e1b4183e2a7fde6514caa9d1c75fe70f041e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 15:47:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
3096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64479
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:47:25 GMT
truncated
/ Frame 88FC
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8ab8825e6e6251ba2de5049cec3e52882559f6b18767ab4277dc50b4992f7af

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E723
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68e98730c03d1b069b6a105d16c08690e824eebe08e01ea1b983fcf582f7ceed

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 36C6
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c02ce5fe27992abd43d486563e36e3291a1fec9776d03662907096f62363839c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame E723
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88FC
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 5265
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9db04040aea64bcdc60a5e54143d898298fe23fcb797bd919e346231ad2d6b44

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1520
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3a993ea1a5f364751eb44895dcc2467064af2c001a6baf03d28107010766a33

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5265
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1520
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 36C6
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 88FC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqqBFBIEH45IvBy_JTN9kXG_bpm3MkbVZof4Iwoqfjw11mRRvPP0XX64hfx2q_-hKmbCS1DlGySTYFu_SELJHwQ3Fya5ProSd_eNJpuKowiHDwMr9UNUeQ_rjGVBM6t7M7nkZbv0DWmIRoQFbSPRgZ_jdx3Uit9uuZOgs9iI65I0xXKglLwAU5IsN5jPBh0sAMCCD0K981ce2tsPsS40c09tLEkf2DRD_sRVXjmlBahg-t7DxQdJypKo8ZhXAL5VtpLXsJjvz3ZmpaPqpLxUPAsDsJbMSkGQXfJnp215EjXGFNxfJA2Oa7nLgznPxZ1QGKcE76DrmOodirut_2sNADtw&sai=AMfl-YTtXeLXl1XVbuIroClQfmMaKapdCunyQi1eUuUBjk-Ld1AWq0hxMQcH6E2GDPfDRhR___K2iopWKikwZLw2V9NcxHno-HVlzF2G92uo6OTimBII16jfHZGd8v2WITc&sig=Cg0ArKJSzBGG5T3Eh9umEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jul 2024 16:39:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E723
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-4VQDIKH_WWb3HZBKdSsDhyfeDx2mScfjAQPGEX-zWra0en0dX6Rv1M6hA5_9Ms03SZpBiMFY546hU1crCBgxfgsTgyX4Z7maJjXDBIoTi33-fAZHgNIfzgUM0C-bIyVNW8EA1rRGBcXZ5-L_3hd3nv9pJtZs2DOvbabox4J6K4nDEhQsFq-YnF8-hc6XOTjOorg_74R9s7exiLIVMYFs63QfiQdrnV5QonCIjJW6nB2dWAO_kf4hiYaATFIZAx1e-95-rPLfiAEEZVSKHIr3PbERysncVlJlsCmEv1zoRTUiS4jP1SfjnO-aQT4_UuZQss8v3oQooFlQaREajpPm6Sl61w&sai=AMfl-YSlaK7oyrromzwiYhugJFkmxs0__69x6pH42qMK3P6JYTX5LrXJh2ctUlIpoF0-6N2co3cEoUUR5V_4nhivM189sfrRfLGicPTT2S_MC4GD-F8s0IfE8yAKBaT7HdA&sig=Cg0ArKJSzDMlS4un9wczEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jul 2024 16:39:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 36C6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKfOha2dcI8EbhA0jt36i_PdGllqt6A6NjOPQfgVmoQVcwzajIC8uuQLXB8e9SPVDukmb_EofXXFwEtEApCQKk54_cc4AdyjoCOomk-bs0IdANn04GAUKq_ORiVQCbB8XuP7BUIlzMIY1Ese2OdTS7nlNvsRc3cffYyC0e7ZrDty7Ba1WKcaxAm3puW6ICqHnHgwejGPuIBjF8fNeRo0uu2fwr4M_SjEqcaGYEJ9ofzWAamE7OfPVS51Inn9dGsxwplqPLKCNWwHMFLv4cWYQOh8SDP9ArBx7iwKrZEYWPuSVobVMpJLB2vKzuSGcBQEv3IfrPjvtSUqYRI5OJGQ5BoA&sai=AMfl-YTcmFo4FwZCibwtUkQ9s8n-NgiULKQsGR1RrnNJbMNDMMUdw2kF-PNtLrxTDeBOu6MKEMS7Rs8Ie-lfHQ0GrEFWpqaNjaIcB1xdmwOn_d6GPe558PzLYF_M9z8Scno&sig=Cg0ArKJSzBpjFqUpOeXWEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jul 2024 16:39:02 GMT
prebid.js
cdn1.opstag.com/14191/ Frame 52A0
324 KB
98 KB
Script
General
Full URL
https://cdn1.opstag.com/14191/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-40.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ca9ab556f6dd776e0156b6d01e43f44215bbd54cade93a31c70ff1266401bf0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:03 GMT
content-encoding
gzip
via
1.1 6f70804d483d6d4c1e564e18fcd2c96c.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2024 04:02:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
"80414d510769543f10115bac1ce2fa0f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
100310
x-amz-cf-id
QE1M0AxbyFgro6VZmRwcOfNp0Y-A_iNnbGQRKSSzEheN_o2RBMtZnA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame 52A0
213 KB
65 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.45.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-45-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86837437cb45ee0a15a860678eebee8320ec33b32d67c0581650b00011475335

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=143303
accept-ranges
bytes
content-length
65769
expires
Thu, 01 Aug 2024 08:27:25 GMT
placement.js
cdn1.opstag.com/14191/ Frame 52A0
30 KB
10 KB
Script
General
Full URL
https://cdn1.opstag.com/14191/placement.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-40.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1659e90eb15df892ccb180e27406372da1c52dc15d14aa24cdc44b92d9b4d8ac

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:03 GMT
content-encoding
gzip
via
1.1 6f70804d483d6d4c1e564e18fcd2c96c.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2024 04:02:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
"b3e04a47a609b211a2fbac3c8a4f1664"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
9538
x-amz-cf-id
AUhkfKRqIPdqnsBi1slSBjqZ7gHijYY2G5URFiyTMdXfe7ZzyeviWA==
ad
pubads.g.doubleclick.net/gampad/ Frame 5265
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14191-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5802023959
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14191-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5802023959&pre=1
42 B
65 B
Image
General
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14191-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5802023959&pre=1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Server
173.194.205.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

google-lineitem-id
-2
pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
server
cafe
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14191-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5802023959&pre=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid.js
cdn1.opstag.com/14193/ Frame 9C32
324 KB
98 KB
Script
General
Full URL
https://cdn1.opstag.com/14193/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-40.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ca9ab556f6dd776e0156b6d01e43f44215bbd54cade93a31c70ff1266401bf0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:03 GMT
content-encoding
gzip
via
1.1 6f70804d483d6d4c1e564e18fcd2c96c.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2024 05:58:05 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
"80414d510769543f10115bac1ce2fa0f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
100310
x-amz-cf-id
XG4DEA-olTKlQZ1JZImZ65DfeDqvF0kyuZ1TDK-9fntsCm-JBz5LjA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame 9C32
213 KB
0
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.45.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-45-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86837437cb45ee0a15a860678eebee8320ec33b32d67c0581650b00011475335

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=143303
accept-ranges
bytes
content-length
65769
expires
Thu, 01 Aug 2024 08:27:25 GMT
placement.js
cdn1.opstag.com/14193/ Frame 9C32
30 KB
10 KB
Script
General
Full URL
https://cdn1.opstag.com/14193/placement.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-40.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
861e014bae283b40af31c2c01838383194a292371353f18831a1823c620f3779

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:03 GMT
content-encoding
gzip
via
1.1 6f70804d483d6d4c1e564e18fcd2c96c.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2024 05:58:05 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
"2bdd62cb4963ec95ef11aab5a340d3e4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
9545
x-amz-cf-id
oow1sdnW9IhUpoAkQGEfESoFZ0X0Iz33HqU2MkEZqJYbRZqcNbPGZg==
ad
pubads.g.doubleclick.net/gampad/ Frame 1520
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14193-300x250-activefill-mobile-pixel&sz=1x1&t=&c=5802026350
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14193-300x250-activefill-mobile-pixel&sz=1x1&t=&c=5802026350&pre=1
42 B
65 B
Image
General
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14193-300x250-activefill-mobile-pixel&sz=1x1&t=&c=5802026350&pre=1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Server
173.194.205.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

google-lineitem-id
-2
pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
server
cafe
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,35190362/epgmedia/stateways-14193-300x250-activefill-mobile-pixel&sz=1x1&t=&c=5802026350&pre=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
virginia-abc-324x235.jpg
stateways.com/wp-content/uploads/2022/07/
10 KB
11 KB
Image
General
Full URL
https://stateways.com/wp-content/uploads/2022/07/virginia-abc-324x235.jpg
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4133bf452814fdc44a3c343564f5650dd714ba6d8539992046f43dcb3ac663

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
cf-cache-status
MISS
last-modified
Tue, 05 Jul 2022 06:33:17 GMT
server
cloudflare
etag
"62c3db2d-2980"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab6c84ea960ac69-YYZ
alt-svc
h3=":443"; ma=86400
content-length
10624
beverage-retail-technology-guide-2023-324x235.png
stateways.com/wp-content/uploads/2023/09/
111 KB
111 KB
Image
General
Full URL
https://stateways.com/wp-content/uploads/2023/09/beverage-retail-technology-guide-2023-324x235.png
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9039c64ec9d70f16161becd229473d939b36cb6b1ea204d96f513eb3e9e91f4e

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Sep 2023 16:17:33 GMT
server
cloudflare
etag
"64ff3d9d-1bbbf"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab6c84ea961ac69-YYZ
alt-svc
h3=":443"; ma=86400
content-length
113599
rum-trends-2024-324x235.jpg
stateways.com/wp-content/uploads/2024/07/
14 KB
15 KB
Image
General
Full URL
https://stateways.com/wp-content/uploads/2024/07/rum-trends-2024-324x235.jpg
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef52ea8b5dc5b6a0c4782587f1016151a331c25ac93306e95ed12c06abba3ad

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
cf-cache-status
MISS
last-modified
Mon, 01 Jul 2024 11:07:56 GMT
server
cloudflare
etag
"66828e0c-3993"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab6c84ea962ac69-YYZ
alt-svc
h3=":443"; ma=86400
content-length
14739
old-fitzgerald-bottled-in-bond-spring-2024-309x235.jpg
stateways.com/wp-content/uploads/2024/07/
8 KB
9 KB
Image
General
Full URL
https://stateways.com/wp-content/uploads/2024/07/old-fitzgerald-bottled-in-bond-spring-2024-309x235.jpg
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e5c562d911f2d392190ef781448dccb630cdf957905debb172a6e0dcc44a23

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
cf-cache-status
MISS
last-modified
Mon, 01 Jul 2024 11:12:42 GMT
server
cloudflare
etag
"66828f2a-2157"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab6c84ea965ac69-YYZ
alt-svc
h3=":443"; ma=86400
content-length
8535
wine-reviews-under-30-324x235.jpg
stateways.com/wp-content/uploads/2024/07/
12 KB
12 KB
Image
General
Full URL
https://stateways.com/wp-content/uploads/2024/07/wine-reviews-under-30-324x235.jpg
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0912dbf6012a0d62a15ec713b0d0213eea75a10eb13216553dbb30b4041bef43

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
cf-cache-status
MISS
last-modified
Mon, 01 Jul 2024 11:06:47 GMT
server
cloudflare
etag
"66828dc7-3027"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab6c84ea966ac69-YYZ
alt-svc
h3=":443"; ma=86400
content-length
12327
sparkling-wine-trends-2024-324x235.jpg
stateways.com/wp-content/uploads/2024/07/
12 KB
12 KB
Image
General
Full URL
https://stateways.com/wp-content/uploads/2024/07/sparkling-wine-trends-2024-324x235.jpg
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
398244f9d8401e4d575801f6184f7dada1516245232e78c1f895efee2ed185ed

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
cf-cache-status
MISS
last-modified
Mon, 01 Jul 2024 11:06:38 GMT
server
cloudflare
etag
"66828dbe-2f6e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab6c84ea967ac69-YYZ
alt-svc
h3=":443"; ma=86400
content-length
12142
vodka-trends-2024-best-selling-brands-bottles-696x464.jpeg
stateways.com/wp-content/uploads/2024/07/
45 KB
45 KB
Image
General
Full URL
https://stateways.com/wp-content/uploads/2024/07/vodka-trends-2024-best-selling-brands-bottles-696x464.jpeg
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79c8bf6d892758b5bc5af40e470297db596343a41dd3c3dfa78eff2517a114

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
cf-cache-status
MISS
last-modified
Mon, 01 Jul 2024 11:07:53 GMT
server
cloudflare
etag
"66828e09-b408"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab6c84eb979ac69-YYZ
alt-svc
h3=":443"; ma=86400
content-length
46088
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 52A0
98 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
009c4930548a80395a31fac3d77d1daf87fb4d1db6d6314c9d5a99bab5440a56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31581
x-xss-protection
0
server
cafe
etag
478 / 19934 / 31085717 / config-hash: 2120298064959822331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:38:59 GMT
multitracking
sghb.hbmp.mediafuse.com/adunit/
0
262 B
XHR
General
Full URL
https://sghb.hbmp.mediafuse.com/adunit/multitracking
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/1sAvg/hbw_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Mediafuse /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://stateways.com
Date
Tue, 30 Jul 2024 16:39:02 GMT
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Server
Mediafuse
Connection
Keep-Alive
X-Robots-Tag
noindex
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9C32
98 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
009c4930548a80395a31fac3d77d1daf87fb4d1db6d6314c9d5a99bab5440a56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31581
x-xss-protection
0
server
cafe
etag
478 / 19934 / 31085717 / config-hash: 2120298064959822331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:38:59 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/ Frame 52A0
474 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
c5e1629c5fdb7d18753448f9095701331d3ece89f2e44513c517efaefd24610b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 23:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
62969
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151374
x-xss-protection
0
server
cafe
etag
16932859754834633169
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 29 Jul 2025 23:09:30 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/ Frame 9C32
474 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
c5e1629c5fdb7d18753448f9095701331d3ece89f2e44513c517efaefd24610b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 23:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
62969
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151374
x-xss-protection
0
server
cafe
etag
16932859754834633169
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 29 Jul 2025 23:09:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5265
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0co2a33o4f1ntoWdN5NejUVUbhirsgX3cdNEd_i5oJwYtmNZrkrQ7d216kwfcsNKFC1J11x6kG7Uq2mw5F_qBXJHgvCWlSs4NM3QAGgS3IWWz_oAZV9-g9X6xaraz_zo5vWgU83ilYVQNSOGwSlY3INlgzJjZYVgpBzt3hglqi9H-Uu-kapZrv8aPu5FIiNWhp2dkF3zal33mRmaxaJj43UypyXH5imgSVErWWgKcNqnzoIEz-e0NzNdqyWqdq5BAmxq34bos01sq5oyjfhJxNhDxOxE34KIyxbPbCd6HRPkhBuvR2vwdMQ0rT9RsgeoHaq0olBcBQSgLTSQHZOGZm8fSBLGYhTYe8dJAHx5VShiS7Fsy07lsm-TzzsQ&sai=AMfl-YSWUnDwrVSDr1wHc9RQAfrS-b6rZYmmc4s700dNBz8YAA-IBfH9ORpaiK4m7VFNEJV9TyNbeAtebWARFhYeX3MbJyo-D-1cxCTsfdYPc69JC8V1zUYn85XemRA3YI8&sig=Cg0ArKJSzH0BJNRx2FK2EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jul 2024 16:39:02 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 52A0
138 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
9a353438d03e09a997997ecdfd1ca66a686d907b4ee09e7ce5b95955eaf0f2a6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
an-x-request-uuid
94b4df95-26be-4448-8d81-81ccfbcbe3ba
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ Frame 52A0
960 B
684 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
6fe40455d35f18ad6d7018c9afae941c96ee276318c1bb517ae6ff12c6eb227a

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:01 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
content-length
469
arj
os4m-d.openx.net/w/1.0/ Frame 52A0
174 B
348 B
XHR
General
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fstateways.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=420&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=99e6fef8-3580-4630-8ad7-166f2d03d8d3&nocache=1722357542416&gdpr=0&schain=1.0%2C1!yieldlift.com%2C2000133%2C1%2C%2C%2C&aus=728x90&divids=div-gpt-ad-1074208485615-0&aucs=&auid=545711673
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4b4986408ba8dc5d9bb73c04ed24d5de571376f4400424fc1452e825a82d834e

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://stateways.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ Frame 52A0
15 B
409 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://stateways.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
trinity.json
apex.go.sonobi.com/ Frame 52A0
1 KB
1 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22100dad327ca6754%22%3A%22920172f971b517e6afc2%7C728x90%7Cgpid%3D%2F8570%2C35190362%2Fepgmedia%2Fstateways-14191-728x90-activefill-desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fstateways.com%2F&s=5b66790d-c87b-46b9-8e1d-fc33ed8e8103&pv=f3dd4fa7-b651-4ab8-8fd1-67fa586ca77f&vp=mobile&lib_name=prebid&lib_v=7.3.0&us=10&fpd=%7B%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000133%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
319165e7bdc788e7e671194290a717dd88fd234724dd3f584e4fe7208ef74110
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
602
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 52A0
14 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
860199dcac91ea988c3591efd12b8e72dc8418e4381652ad8c67dd5ebbebf25c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
an-x-request-uuid
651e85e7-5e80-411e-8cad-d47873b7b9c1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 52A0
24 B
578 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.3.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.225.55.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-55-209.compute-1.amazonaws.com
Software
/
Resource Hash
face3e985a023a9e6399eb3ebc9e7b49577c268e240a09d0d427dd99a50c086d

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://stateways.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
view
securepubads.g.doubleclick.net/pcs/ Frame 1520
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGKjK2ravelO8MIdofh7_ua7dwWDNog0yt_CCcRdl9OngvKYnnYh_5iHpzc5ug6WWT4wxeA-mvDQLlF1gvTd-EMg5Oeew183dPgWIv0HwGSz2diy2zzfGP2tX9DUdIIJW7XffvcpshiYxWIky_GrWuVqe_-vNUQmBAroE90Xea_V4IOPOCptTQLDmnOCoIOEfdVS1PGtszCRJxC3VFjJRIex72u9sBpzGVrBrQObLkhee7GJK2pIFp-Wdk8ThBpBRsFP1jtDQ8y6Q0_7UvaFAde_bcznK5zsGDe9gW7DIeWPuxZxncUFQDGOG1xD9tKg6WJU30pazG56COqWHx95qoNZ3JkQuPE1tQwqlS7nW_VXS_ZuugZbeuZse3HeI&sai=AMfl-YSqowQJzWgEL9DYw8zRbgSGLsqq3oWu2HFYlPKeXqV-AIHtIPW9_DqofWYUHW1-_0oaJLFcR_KGcu_pSjhdQkr_BfpJZzHY8LwxEq_F7t2SDphls6mrxusMD4JF8wM&sig=Cg0ArKJSzKuB-HQ8-N16EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jul 2024 16:39:02 GMT
arj
os4m-d.openx.net/w/1.0/ Frame 9C32
174 B
581 B
XHR
General
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fstateways.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=420&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=53a28ecb-bd2f-4a5d-87ce-c8ad36f84ade&nocache=1722357542452&gdpr=0&schain=1.0%2C1!yieldlift.com%2C2000133%2C1%2C%2C%2C&aus=300x250&divids=div-gpt-ad-9949246449875-0&aucs=&auid=545711675
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a9f47cc10ee05e8ed42f88016cfeb5b43049cdf2143bb9c5e8f06fdf95a5b76f

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://stateways.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9C32
13 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b802f6de7426c7fcc661bcaa45517a00ba919d3796890c087a6c784e6e702cd5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
an-x-request-uuid
cfb9a9dd-10c3-4c00-9f68-3a34cf4e80c7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ Frame 9C32
15 B
409 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://stateways.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
bid
ap.lijit.com/rtb/ Frame 9C32
24 B
578 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.3.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.225.55.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-55-209.compute-1.amazonaws.com
Software
/
Resource Hash
9bd6398f5976d92f6af3f268bb4bf8edf375dfc4aa72bdf4e1c1519e49343263

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://stateways.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
trinity.json
apex.go.sonobi.com/ Frame 9C32
1 KB
1 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221072d30a17134fc%22%3A%22585b4ecb71f614ef9ff4%7C300x250%7Cgpid%3D%2F8570%2C35190362%2Fepgmedia%2Fstateways-14193-300x250-activefill-mobile%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fstateways.com%2F&s=747795de-7332-4164-97b8-35be3d8e043f&pv=4e9c16e1-6a80-41ed-bf56-0e9b77775e39&vp=mobile&lib_name=prebid&lib_v=7.3.0&us=10&fpd=%7B%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000133%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
fb87eecb0593cade0e7232ef8caf2bdf1bb4bdc7678001783451fd59bda74c08
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
603
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame 9C32
960 B
641 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
3cba9fdd1a29531658e8c18404bc0def47c47022388ea6a7aae034d87fa25fb6

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
content-length
470
prebid
ib.adnxs.com/ut/v3/ Frame 9C32
13 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7c9d02dda53779480f00b064713508f99b7c7eccded1b3a298997169afcfd8b1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
an-x-request-uuid
869b7669-d85b-4cac-9ae4-220753356450
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stateways.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 949A
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28869
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 16:00:24 GMT
expires
Tue, 30 Jul 2024 16:50:24 GMT
last-modified
Mon, 29 Jul 2024 19:44:55 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 4E31
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28869
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 16:00:24 GMT
expires
Tue, 30 Jul 2024 16:50:24 GMT
last-modified
Mon, 29 Jul 2024 19:44:55 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.144.js
static.criteo.net/js/ld/
96 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 31 Jul 2024 16:39:02 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 52A0
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407290201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
17fb444a7769dca78894b7f76cbb6da04eb3468379f33973613d2b1ee18b4e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12694
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 52A0
46 KB
18 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=456094333825992&correlator=3356491710318574&eid=31084949%2C31085717%2C44777897%2C31084215%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8570%3A35190362%2Cepgmedia%2Cstateways-14191-728x90-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc793699f0706f2d1%3AT%3D1722357539%3ART%3D1722357539%3AS%3DALNI_Ma_MtTk75wFwBGD13ngbbOqdcki4Q&gpic=UID%3D00000ec324267b38%3AT%3D1722357539%3ART%3D1722357539%3AS%3DALNI_MY72laM8eh9X9Tcaovcmx7_GknoBA&abxe=1&dt=1722357542631&lmt=1722357542&adxs=436&adys=2274&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=4jxo7cvvppq5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=2&url=https%3A%2F%2Fstateways.com%2F&ref=https%3A%2F%2Fstateways.com%2F&top=https%3A%2F%2Fstateways.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=260&ohw=728&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722357542104&idt=258&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.03%26hb_adid_oftmedia%3D16fb7f4c592e3e2%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D16fb7f4c592e3e2%26hb_bidder%3Doftmedia%26rfsh%3D1%26rfshtime%3D12&adks=4140102230&frm=23&eo_id_str=ID%3D9cb43830dccca656%3AT%3D1722357539%3ART%3D1722357539%3AS%3DAA-AfjYolNDLypa5sz73TLGREVql
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
c9d6b556603a6bcd87105b6989375bd1fa5f77a85c5c7c962e72f9e8f50b5fbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17940
x-xss-protection
0
google-lineitem-id
5071160298
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296811092
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://stateways.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7303771b427aeebf627ec533e290a648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ED71
0
0
Document
General
Full URL
https://7303771b427aeebf627ec533e290a648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 16:39:02 GMT
expires
Tue, 30 Jul 2024 16:39:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9C32
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407290201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
77fc61c3eb0b5ebc7dec4ced9500e9617f6f01521292fc55b2a8fca497607246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12698
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9C32
46 KB
18 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2238190774838441&correlator=2804403835637894&eid=31085717%2C31085142%2C95335606%2C31084270%2C44777897%2C31084215%2C21065725%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8570%3A35190362%2Cepgmedia%2Cstateways-14193-300x250-activefill-mobile&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc793699f0706f2d1%3AT%3D1722357539%3ART%3D1722357539%3AS%3DALNI_Ma_MtTk75wFwBGD13ngbbOqdcki4Q&gpic=UID%3D00000ec324267b38%3AT%3D1722357539%3ART%3D1722357539%3AS%3DALNI_MY72laM8eh9X9Tcaovcmx7_GknoBA&abxe=1&dt=1722357542769&lmt=1722357542&adxs=1027&adys=1215&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=8oj5xp3ue0h3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=2&url=https%3A%2F%2Fstateways.com%2F&ref=https%3A%2F%2Fstateways.com%2F&top=https%3A%2F%2Fstateways.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=260&ohw=300&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722357542114&idt=280&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D300x250%26hb_pb_oftmedia%3D0.02%26hb_adid_oftmedia%3D17ed5a67589de5d%26hb_bidder_oftmedia%3Doftmedia%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D162539dfe3ed13a%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D17ed5a67589de5d%26hb_bidder%3Doftmedia%26rfsh%3D1%26rfshtime%3D12&adks=4233293387&frm=23&eo_id_str=ID%3D9cb43830dccca656%3AT%3D1722357539%3ART%3D1722357539%3AS%3DAA-AfjYolNDLypa5sz73TLGREVql
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
8f201a4853af101005ac5435594ddcbe5702fb2076415c74e13c3d4d2cfbe94b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17950
x-xss-protection
0
google-lineitem-id
5071161039
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138430700650
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://stateways.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
55fc0190636101f28c351aa6ef11839f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 79AB
0
0
Document
General
Full URL
https://55fc0190636101f28c351aa6ef11839f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 16:39:02 GMT
expires
Tue, 30 Jul 2024 16:39:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame B763
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrt2wew1pOpFRJI0eVitinde9C4-a2L04jHyiNaAvD-1FkV7_X8B5CCXwTWNfjvRn_YYidm52dCyUO7dygdVD37F4Hzc3fJmLMHK2ZRmwSoghQbpHuTmEaESfhIjmtwtlFasfQTjvUs4T-8hneBAE6W0ye5jHPL1AKJq_bMQ8zYXqRHnuiF2_ZXKs3mUXp27hGmIgtxPB-Ji-Llkt5KS6cGYxcgEzHtdSp3DVcKcCcZ7XuL5QslTso7cQOCftSTdtp9KVwxyfJcjQJfuvP36QF0tbkK-ApChj2ky845uJxxIra0xfNhMKNaMQdwJgE_1FxQmP1-etpI91F8aX07Qs0ZLotmjyS8ippSla8F2VoCG06OFZck6DqjtshjvemaQM-amz-DnmqZMoobJ74HqW83zQGhg&sai=AMfl-YTB6la66rfawvLQnWviK-sSvHDv5aLDqZm0tclikcx6nS7rwKbKCfQtpRNqcz0CS-AXTFgPrDaTVdzn-MhwPyyJ1uQ8SvCJrieLRA-Y1s_6z66SqEK4oh3WXhC3tPc&sig=Cg0ArKJSzNQD58_2yGbLEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240724/r20110914/client/ Frame B763
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240724/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 21:23:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
69307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Aug 2024 21:23:55 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B763
203 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
40bc14b8cdbe439a52a8400448f4e1b4183e2a7fde6514caa9d1c75fe70f041e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 15:47:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
3096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64479
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:47:25 GMT
3083443360271152484
tpc.googlesyndication.com/simgad/ Frame B763
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3083443360271152484
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e299ebc7e9d8ba28f03e84211b2cfb5d292eb455c0bc310522934894a8adc3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 25 Jul 2024 05:35:06 GMT
x-content-type-options
nosniff
age
471836
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16907
x-xss-protection
0
last-modified
Thu, 05 Dec 2019 18:43:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 25 Jul 2025 05:35:06 GMT
l
www.google.com/ads/measurement/ Frame B763
0
0

truncated
/ Frame B763
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce751a2c9b0935668c2261d017d788e2ae76c206aab05ac5a483e02bf9feb142

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 52A0
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Jul 2024 16:39:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B763
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B763
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVnZb6QE0CWU9f1VvUmtyLnYW_suNVMon2xf0pNfY3-IvVTUqL74gDeaXJg8srmd_6f7O15xuXqehPgusHu8dnHHqZ60-FS4D0ahZnRGOD6WB0wtXzsqtSOJK6PTtyvwMuzvMr8qeLHxQmxxVi5OPUCx8XMtfo1MmPEyZ0EhMggXNw9iwKLCaMCcrY_Bl633FlheDmB0C0OdAv3r635OhWWFdsGkv2Wq2UovbJNfRdayew5VCvGqEFcKwG9ZBDoXMj2MpBWSnQKhhqUfDLs8odx7j_xUr9XMlZbb_gMxufqnnJRI8A36gEKuBbPdMsAKQcfEJHE2ap6xs5dLNEm0j2trfpV6e4v5rptKaReNNyPdATR9V-9s4mEqSXZ1E3F_AJBqmuoAe0RRUuZMpKxFN1cn9xLhNi&sai=AMfl-YRFBQSPJbnN8cZzbwM8DFr-BmIZ5LCsCAHs9AEXCn0Qoy8B39PTR_rLMY1Hu4xtfE9ilucEn43Pe51X3SNlbLGI4xGLWYZTsjMthLkDAk6DVFvdHJUT9wvKxsblp7k&sig=Cg0ArKJSzGzPUi9tBTndEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jul 2024 16:39:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E600
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
510171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 18:56:11 GMT
expires
Thu, 24 Jul 2025 18:56:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5DAF
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f99.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H0Xk8H6wCgT0l5dcL4uSOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-H0Xk8H6wCgT0l5dcL4uSOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 16:39:02 GMT
expires
Tue, 30 Jul 2024 16:39:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9C32
17 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Jul 2024 16:39:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DAC1
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
510171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 18:56:11 GMT
expires
Thu, 24 Jul 2025 18:56:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5976
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f99.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H0Xk8H6wCgT0l5dcL4uSOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-H0Xk8H6wCgT0l5dcL4uSOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 16:39:02 GMT
expires
Tue, 30 Jul 2024 16:39:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 7C96
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYUaKc399rgLdORCcw6meEtoYRIDUipHFdD3M1rwwpQVELf9pS4cEBpCv4PgQrXzmoEqSOhwup9rcGHgOFXKscfTM8EgLPJ5uhdDIqB8z1ZnvX8FB-Y3lNKcoze9WgBs6ZrAc7FLcL3REnaDtIgEjDwcJ4qyOodX6h8S3gPtNY2ldmpfwR2ltXKF_1ChfE6CZwCR_0sCQnlnwXT4JaS1jeCndZuApBoD5gQ0ZwVxagcRg2TQB0UJ4QVtsIDQJJWIf2_NleXWvnudnWc1-ConCKUO7aiAxdIxKiiMFXc_XQjt9NRo1BS8OJlxe2rkLhFZgUjZ7ssTGI-8w1KchKyPWn9sro_BXXc4Y5fNhqY7QRrOT5kyG2zNwOsM0_8ne9PXkYNaXGh_l7E9Jnp-JBnUknGXrh9g&sai=AMfl-YQ2vVu7vek_NCg4n3SfTudTdNpuyMvd_mvKXVnpDTyGd-8qw9Y5FavZiFeNdJ5asMjR08PlUpAh1Js3THJhKqJpeJDKGARSSC9BBgjYiFI6tO_34pnn1t4Rtg7I31A&sig=Cg0ArKJSzNqAN0SqJG0gEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240725/r20110914/client/ Frame 7C96
3 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240725/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 16:02:18 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7C96
203 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
40bc14b8cdbe439a52a8400448f4e1b4183e2a7fde6514caa9d1c75fe70f041e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 15:47:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
3096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64479
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 16:47:25 GMT
17016164083159707937
tpc.googlesyndication.com/simgad/ Frame 7C96
23 KB
23 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17016164083159707937
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f132.1e100.net
Software
sffe /
Resource Hash
2ab715ba84b2354e7ca84b89b07f8bd205cc3d04a30a1f56726b01440b7f9130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 25 Jul 2024 12:29:14 GMT
x-content-type-options
nosniff
age
446988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23283
x-xss-protection
0
last-modified
Thu, 05 Dec 2019 19:03:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 25 Jul 2025 12:29:14 GMT
l
www.google.com/ads/measurement/ Frame 7C96
0
0

truncated
/ Frame 7C96
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0608c4bc80d365c8447bf71c0a2fa4af4b2001b0835439bdb155f236e4d3fb64

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C96
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7C96
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFGAGWI_iYJYK_LvO0iy7JCqqQSR11sauyqXwcL9plbqGBg_6liJqNdBs1AhC1N3mjMrdBhfFJVmxRVe3alIde_Xf_cSk7ZO1jmxxhV5VMxeI25R_-TyQeY_6y4VV40tgXNLZ3oXJ54ue_nqnuV9ixk-ieby7j-wT2T5kToC2hPShSMr9zYCwE2R9Ap_Nki_HNbKPzPSuyaIjtwJNvlTTwOoeg9vOyaI5Om4mfiwvR7_3DDs8iKueQitJzGE7mt5kr3pIa4pQD-BRNFjMqXJBe19YeY9AOLYs83M3WiAAv8cJG6oNUMdpcoJoacdetG311E06qBD85kTcocDRtcF3B3MxCVrHjAruUVGJiG41jAJBYRAhi3DOjpqdHHjJ8psjGT6Y6pIOh-AXPbQFR1-8F6KljrA2I&sai=AMfl-YQBJVpTx6MXbcooalMmfRDdrgostXBkm-ZhY3tJfT_-JfE0FZOL_iNQ3nMtVF7e3V8xJN5wz1c4y9r6Re09hkWiqWu2eJanW97WPbFFaUEZ-vUHc-JQg3W-cYPirv4&sig=Cg0ArKJSzBAbPbaD7N3iEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jul 2024 16:39:03 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E723
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlThW3cBAD2kVYbFxofyB1s3CJqRBjTKypgAlzf-5Zzb9oXXZPxYvL505aoRs_oY6h9GytVO5zfCAVX2aVcZ6N4z4TTiHiCsd-kiFLzUtjB2bKrcZmKEZ6HeaTUEoMDSCv5ai3RQWPLTLxpw02qiqq5G2tEJZNnTs&sig=Cg0ArKJSzB14jZEN4rNMEAE&id=lidar2&mcvt=1000&p=942,259,1032,987&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240729&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2810809788&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1829034100&rst=1722357541854&rpt=231&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 88FC
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstU_pTiBMzDu8EZgbWvKRAaivXwUCmiTYPPydC0Ebi8KtFToEDS3BhE3VEgiXxoCri_Lkjhe4OteRayhNfC9b2iRjetGNYQaMR0URbA3Y1mLLYxwQNpALsFjhFTZ1ex1kALhdjnT11XWPtdD0hz174QqbN3qv2-7PY&sig=Cg0ArKJSzDJABaLnFOJkEAE&id=lidar2&mcvt=1003&p=56,575,146,1303&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240729&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2637651183&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1829034100&rst=1722357541836&rpt=241&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 36C6
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaIEhvSyhkrevG4bLx2JmNbJ_T265Y9ippSL_gkuVDxqfhilGrwNZzhpnC9NptvS0o8xcZh8IhUdpaRIMmstsXrM1IXyvRpR6DmrBhm4OyiZVRvg0jZr88H89Mo2cSSjl32fXI-xd0zrUKHemUkXnBblCjCjDIS2Q&sig=Cg0ArKJSzNLsdg6W4Mt3EAE&id=lidar2&mcvt=1000&p=385,1026,635,1326&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240729&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3441874940&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1829034200&rst=1722357541874&rpt=220&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 52A0
0
0

sodar
pagead2.googlesyndication.com/pagead/ Frame 9C32
0
0

json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fstateways.com%2F&domain=stateways.com&cw=1&pbt=1&lsw=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://stateways.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
192833
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
42 B
241 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=001Pg000002HAjeIAG&gdpr=0&src=pbjs&ver=8.52.0&coppa=0&us_privacy=1---
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 16:39:04 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://stateways.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fstateways.com%2F&domain=stateways.com&cw=1&pbt=1&lsw=1&us_privacy=1---
  • https://mug.criteo.com/sid?cpp=GCTQQHxVY3NaL2Jjb0ZZQ2p2M05ZU3F5WFZZamtBaU44ekh1d29iSDhkcHJBNkRBMGR0WTQ5UzZKZVRKRGdyeGtrT3ZxQ3FwMmovZkYxRFVhckt2bUt3bUk5Z0d5dmlJSEl0VEdpTUhweGpsbG5hUjNQcEJtWTYvTVBBMV...
362 B
665 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=GCTQQHxVY3NaL2Jjb0ZZQ2p2M05ZU3F5WFZZamtBaU44ekh1d29iSDhkcHJBNkRBMGR0WTQ5UzZKZVRKRGdyeGtrT3ZxQ3FwMmovZkYxRFVhckt2bUt3bUk5Z0d5dmlJSEl0VEdpTUhweGpsbG5hUjNQcEJtWTYvTVBBMVlFcFhVM05INEFpQy9SMXMzRVJOSWlGdEJyNUdxSHZPKzRBTW0xVm00V2g0TE5HMmUvNEE3dWhxelVtN3pVd2dLWGFwRGlCcU5TdjExM0JFNjdjRDc0RHFSMjBUOHJ1TUROYTkxZkRIcHpBbXdvYWNEWS9RdCs5SjNWb24xTjNNZ3FZemVxUUtufA&cppv=2
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b570b085340427e69ff68c0e3901f2b0d112aa390582f3ec0b1a601417d69afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
447456
expires
0

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://stateways.com
location
https://mug.criteo.com/sid?cpp=GCTQQHxVY3NaL2Jjb0ZZQ2p2M05ZU3F5WFZZamtBaU44ekh1d29iSDhkcHJBNkRBMGR0WTQ5UzZKZVRKRGdyeGtrT3ZxQ3FwMmovZkYxRFVhckt2bUt3bUk5Z0d5dmlJSEl0VEdpTUhweGpsbG5hUjNQcEJtWTYvTVBBMVlFcFhVM05INEFpQy9SMXMzRVJOSWlGdEJyNUdxSHZPKzRBTW0xVm00V2g0TE5HMmUvNEE3dWhxelVtN3pVd2dLWGFwRGlCcU5TdjExM0JFNjdjRDc0RHFSMjBUOHJ1TUROYTkxZkRIcHpBbXdvYWNEWS9RdCs5SjNWb24xTjNNZ3FZemVxUUtufA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
246992
content-length
0
expires
0
prebid
id5-sync.com/api/config/
194 B
662 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
4dabf439b51b89bd45422249bf9dcccb126d5a032ad19fcd8ae82fd1f24343e8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://stateways.com
content-type
application/json;charset=UTF-8
date
Tue, 30 Jul 2024 16:39:04 GMT
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
id
id.crwdcntrl.net/
152 B
819 B
Fetch
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.203.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-203-136.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a603cd6cb560b99be54225a4bf3bfd0812326ea5dfc408ea58ed4537ab1cb32e

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://stateways.com
cache-control
no-cache
x-server
10.40.48.34
access-control-allow-credentials
true
content-length
152
expires
0
csync
sync.adtelligent.com/ Frame F8EA
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D...
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779B&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779B&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779B&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
csync
sync.adtelligent.com/ Frame 0455
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D852559%26pb%3D753264%26c%3D7647...
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D877A1&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D877A1&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D877A1&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 99F7
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.45.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-45-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=100904
content-encoding
gzip
content-length
5492
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Wed, 31 Jul 2024 20:40:48 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F765
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&us_privacy=1---
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.45.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-45-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=100904
content-encoding
gzip
content-length
5492
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Wed, 31 Jul 2024 20:40:48 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 1464
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
622
content-type
text/html; charset=utf-8
date
Tue, 30 Jul 2024 16:39:04 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
2
usync.html
eus.rubiconproject.com/ Frame 0B43
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Tue, 30 Jul 2024 16:39:04 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame DCBF
0
0
Document
General
Full URL
https://public.servenobid.com/sync.html?usp_consent=1---
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-25.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
50755
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 30 Jul 2024 02:33:10 GMT
etag
W/"7539259c67f95d55bc8f9727d6ad7ba7"
last-modified
Mon, 24 Jun 2024 17:30:33 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 d0e0fdfe87d75193de6278b5eca393f8.cloudfront.net (CloudFront)
x-amz-cf-id
JLK4iQ5RGssM3zABD1QYt2WsmrtuO6U1BNjuFQDct9OBlY_8SMjdng==
x-amz-cf-pop
IAD61-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:91b96671-a23b-434c-bbfe-e75e3d8863b4
x-amz-meta-codebuild-content-md5
fceea412101a80be2cceb2589b2a6236
x-amz-meta-codebuild-content-sha256
e85ce636e46111a4b4f9520e655fe4e505db219b92a60cf2504a3109632a1894
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
/
de.tynt.com/deb/ Frame DD63
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779C%26sp%3D8...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779C%26sp%3D852559%26...
0
0
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779C%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2198
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 30 Jul 2024 16:39:03 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779C%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8340000A
csync
sync.adtelligent.com/ Frame 8C6F
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D852559%26pb%3D753264%26c%3D7647...
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779E&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779E&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779E&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
server
nginx
/
de.tynt.com/deb/ Frame EA23
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D8...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D852559%26...
0
0
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2198
content-type
text/html
date
Tue, 30 Jul 2024 16:39:03 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 30 Jul 2024 16:39:03 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP019
x-33x-status
8340000A
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C70B
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.45.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-45-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=100904
content-encoding
gzip
content-length
5492
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Wed, 31 Jul 2024 20:40:48 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
de.tynt.com/deb/ Frame 2816
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D8...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D852559%26...
0
0
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2198
content-type
text/html
date
Tue, 30 Jul 2024 16:39:03 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 30 Jul 2024 16:39:03 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP013
x-33x-status
8340000A
csync
sync.adtelligent.com/ Frame EA3F
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D...
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D87797&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D87797&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D87797&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
csync
sync.adtelligent.com/ Frame 8AD1
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D...
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779D&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779D&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779D&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
csync
sync.adtelligent.com/ Frame 1D66
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779C%26sp%3D852559%26pb%3D753264%26c%3D7647...
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779C&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779C&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779C&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
server
nginx
/
onetag-sys.com/usync/ Frame 1524
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
de.tynt.com/deb/ Frame B374
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=b-64TSyTCr7RPcrkHcnnVW&gdpr_consent=undefined&us_privacy=1---&gpp=&gpp_sid=
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=b-64TSyTCr7RPcrkHcnnVW&gdpr_consent=undefined&us_privacy=1---&gpp=&gpp_sid=
0
0
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=b-64TSyTCr7RPcrkHcnnVW&gdpr_consent=undefined&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1701
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 30 Jul 2024 16:39:03 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=b-64TSyTCr7RPcrkHcnnVW&gdpr_consent=undefined&us_privacy=1---&gpp=&gpp_sid=
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8340000A
isyn
prebid.a-mo.net/ Frame 7D88
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
622
content-type
text/html; charset=utf-8
date
Tue, 30 Jul 2024 16:39:03 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
sync
ssp.disqus.com/ Frame AC19
0
0
Document
General
Full URL
https://ssp.disqus.com/sync?type=iframe&us_privacy=1---
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.117.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-117-99.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-encoding
gzip
content-length
324
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
0
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B44B
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.45.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-45-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=100904
content-encoding
gzip
content-length
5492
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Wed, 31 Jul 2024 20:40:48 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
de.tynt.com/deb/ Frame 6F6C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D8...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D852559%26...
0
0
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2033
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 30 Jul 2024 16:39:03 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8340000A
csync
sync.adtelligent.com/ Frame 8E4E
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D852559%26pb%3D753264%26c%3D7647...
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779B&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779B&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779B&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
server
nginx
csync
sync.adtelligent.com/ Frame 6FC1
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A0%26sp%3D852559%26pb%3D753264%26c%3D7647...
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D877A0&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D877A0&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D877A0&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
server
nginx
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6CF1
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.8.247 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-8-247.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 30 Jul 2024 16:39:04 GMT
ETag
"623de86a-cf34"
Expires
Wed, 31 Jul 2024 16:39:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 9A83
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D...
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D877A0&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D877A0&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D877A0&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame E329
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.8.247 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-8-247.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 30 Jul 2024 16:39:04 GMT
ETag
"623de86a-cf34"
Expires
Wed, 31 Jul 2024 16:39:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7792
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.45.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-45-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=100904
content-encoding
gzip
content-length
5492
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Wed, 31 Jul 2024 20:40:48 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync.html
s.console.adtarget.com.tr/ Frame EA57
0
0
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=748067
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:927::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtarget /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://stateways.com
Connection
Keep-Alive
Date
Tue, 30 Jul 2024 16:39:03 GMT
Permissions-Policy
browsing-topics=()
Server
Adtarget
X-Robots-Tag
noindex
/
de.tynt.com/deb/ Frame 6E30
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D8...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D852559%26...
0
0
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1774
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8340000A
csync
sync.adtelligent.com/ Frame 9634
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D...
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D877A1&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D877A1&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D877A1&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
/
de.tynt.com/deb/ Frame F45C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D8...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D852559%26...
0
0
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1774
content-type
text/html
date
Tue, 30 Jul 2024 16:39:03 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 30 Jul 2024 16:39:03 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8340000A
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9830
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D877A1%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.45.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-45-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=100904
content-encoding
gzip
content-length
5492
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Wed, 31 Jul 2024 20:40:48 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1A99
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779C%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.45.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-45-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=100904
content-encoding
gzip
content-length
5492
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Wed, 31 Jul 2024 20:40:48 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
de.tynt.com/deb/ Frame 4A07
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D8...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D852559%26...
0
0
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1774
content-type
text/html
date
Tue, 30 Jul 2024 16:39:03 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 30 Jul 2024 16:39:03 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779B%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP019
x-33x-status
8340000A
csync
sync.adtelligent.com/ Frame A588
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D...
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779E&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779E&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=41E6F54D08D8779E&sp=852559&pb=753264&c=764727&a=754412&domain=https://stateways.com/&extuid=3653591411978364000V10
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F62B
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779E%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fstateways.com%2F%26extuid%3D
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.45.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-45-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=100904
content-encoding
gzip
content-length
5492
content-type
text/html
date
Tue, 30 Jul 2024 16:39:04 GMT
expires
Wed, 31 Jul 2024 20:40:48 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 4625
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D8779D%26sp%3D852559%26pb%3D753264%26c%3D7647...
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779D&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779D&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D8779D&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
server
nginx
/
onetag-sys.com/usync/ Frame 4393
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1722357540642&us_privacy=1---
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 7FE3
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D41E6F54D08D87797%26sp%3D852559%26pb%3D753264%26c%3D7647...
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D87797&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
0
0
Document
General
Full URL
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D87797&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 30 Jul 2024 16:39:04 GMT
Etag
49e4a19f7bc91bdc
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 30 Jul 2024 16:39:04 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=41E6F54D08D87797&sp=852559&pb=753264&c=764710&a=743293&domain=https://stateways.com/&extuid=5222931856105099249
server
nginx
7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/
0
0

us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D...
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
49 B
783 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 30 Jul 2024 16:39:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
49 B
769 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 30 Jul 2024 16:39:04 GMT
Strict-Transport-Security
31536000
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
all
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin
Server
MT3 1637 26565ec master ord ord-pixel-x28 config_version:"2403"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
Cache-Control
no-cache,no-store,must-revalidate
Keep-Alive
timeout=360
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=6188463f-92fe-4ce3-bcbd-d51a2076e407
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De9f26bca-091c-447e-b953-b9c9df802871%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7473332277637949819&pt=e9f26bca-091c-447e-b953-b9c9df802871%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7473332277637949819&pt=e9f26bca-091c-447e-b953-b9c9df802871%2C%2C
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
an-x-request-uuid
101dc70d-18bf-4f47-809b-4ebb568e65ad
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7473332277637949819&pt=e9f26bca-091c-447e-b953-b9c9df802871%2C%2C
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NjE4ODQ2M2YtOTJmZS00Y2UzLWJjYmQtZDUxYTIwNzZlNDA3
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
49 B
764 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
49 B
751 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
Date
Tue, 30 Jul 2024 16:39:04 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
capi.connatix.com/us/
Redirect Chain
  • https://capi.connatix.com/us/pixel?puid=931e5b6d-a386-43b6-ba4b-43ab45925c1f&pId=43&gdpr_consent=&callback=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=931e5b6d-a386-43b6-ba4b-43ab45925c1f&pId=43&gdpr_consent=&callback=&us_privacy=&final=true
82 B
82 B
Image
General
Full URL
https://capi.connatix.com/us/pixel?puid=931e5b6d-a386-43b6-ba4b-43ab45925c1f&pId=43&gdpr_consent=&callback=&us_privacy=&final=true
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:04 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
access-control-max-age
86400
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8ab6c85c8df5ac76-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
95
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 30 Jul 2024 16:39:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
86400
location
https://capi.connatix.com/us/pixel?puid=931e5b6d-a386-43b6-ba4b-43ab45925c1f&pId=43&gdpr_consent=&callback=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8ab6c85c2d87ac76-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&google_hm=NWYzYzk1YjQtZTAwMC00ZThhLThlMjAtZjA1N2JhNzBiOTVj&...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMaUYdfgy17ncXYPSV_YXkE&google_cver=1&ssp=sonobi&bsw_param=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr_consent=&gdpr=0
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=0&gdpr_consent=&us_privacy=
49 B
769 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=0&gdpr_consent=&us_privacy=
Date
Tue, 30 Jul 2024 16:39:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=931e5b6d-a386-43b6-ba4b-43ab45925c1f
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De9f26bca-091c-447e-b953-b9c9df802871%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7473332277637949819&pt=e9f26bca-091c-447e-b953-b9c9df802871%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7473332277637949819&pt=e9f26bca-091c-447e-b953-b9c9df802871%2C%2C
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
an-x-request-uuid
a1dd5fe6-0c4a-4948-831c-10e785ad7ba8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7473332277637949819&pt=e9f26bca-091c-447e-b953-b9c9df802871%2C%2C
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
capi.connatix.com/us/
Redirect Chain
  • https://capi.connatix.com/us/pixel?puid=6188463f-92fe-4ce3-bcbd-d51a2076e407&pId=43&gdpr_consent=&callback=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=6188463f-92fe-4ce3-bcbd-d51a2076e407&pId=43&gdpr_consent=&callback=&us_privacy=&final=true
82 B
82 B
Image
General
Full URL
https://capi.connatix.com/us/pixel?puid=6188463f-92fe-4ce3-bcbd-d51a2076e407&pId=43&gdpr_consent=&callback=&us_privacy=&final=true
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 16:39:04 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
access-control-max-age
86400
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8ab6c85c8df8ac76-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
100
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 30 Jul 2024 16:39:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
86400
location
https://capi.connatix.com/us/pixel?puid=6188463f-92fe-4ce3-bcbd-d51a2076e407&pId=43&gdpr_consent=&callback=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8ab6c85c2d88ac76-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=931e5b6d-a386-43b6-ba4b-43ab45925c1f&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=WGZoRTh6Sy1SM3NkcXIwa3RQUGhqZw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOBK9zwvkRQDhrsanegV2do&google_cver=1
49 B
1 KB
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOBK9zwvkRQDhrsanegV2do&google_cver=1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-798dc55c8c-p8gcc
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOBK9zwvkRQDhrsanegV2do&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=6188463f-92fe-4ce3-bcbd-d51a2076e407&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ZVpZNTQ1eEZDWWJHdDFoeEZKTUtwUQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOBK9zwvkRQDhrsanegV2do&google_cver=1
49 B
1 KB
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOBK9zwvkRQDhrsanegV2do&google_cver=1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-798dc55c8c-p8gcc
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOBK9zwvkRQDhrsanegV2do&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
49 B
760 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
Date
Tue, 30 Jul 2024 16:39:04 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=db8d61494a&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=db8d61494a
49 B
769 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=db8d61494a
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=db8d61494a
date
Tue, 30 Jul 2024 16:39:04 GMT
server
Kestrel
content-length
227
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=OTMxZTViNmQtYTM4Ni00M2I2LWJhNGItNDNhYjQ1OTI1YzFm
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
49 B
763 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
273 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
0dd071ef6d196e3d9f264448aafa45fdc2f5c464f752891c8a08b3d40c65eba0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://stateways.com
date
Tue, 30 Jul 2024 16:39:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=GCTQQHxVY3NaL2Jjb0ZZQ2p2M05ZU3F5WFZZamtBaU44ekh1d29iSDhkcHJBNkRBMGR0WTQ5UzZKZVRKRGdyeGtrT3ZxQ3FwMmovZkYxRFVhckt2bUt3bUk5Z0d5dmlJSEl0VEdpTUhweGpsbG5hUjNQcEJtWTYvTVBBMVlFcFhVM05INEFpQy9SMXMzRVJOSWlGdEJyNUdxSHZPKzRBTW0xVm00V2g0TE5HMmUvNEE3dWhxelVtN3pVd2dLWGFwRGlCcU5TdjExM0JFNjdjRDc0RHFSMjBUOHJ1TUROYTkxZkRIcHpBbXdvYWNEWS9RdCs5SjNWb24xTjNNZ3FZemVxUUtufA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 30 Jul 2024 16:39:05 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
184305
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
692.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751249_18434.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
1a6e783c7e2af48381d95c4db69b5993e1739685576a16c7d70c8e76ef6058fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 30 Jul 2024 16:39:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://stateways.com
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
set
id.a-mx.com/ Frame 52A0
Redirect Chain
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://stateways.com/&v=7.3.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=undefined
  • https://c3.a-mo.net/b?uid=5c1ae47c-e45d-4c54-bdd4-f89b5897499d&sh=id.a-mx.com&
  • https://id.a-mx.com/set?oid=5c1ae47c-e45d-4c54-bdd4-f89b5897499d&uid=5c1ae47c-e45d-4c54-bdd4-f89b5897499d&
99 B
956 B
XHR
General
Full URL
https://id.a-mx.com/set?oid=5c1ae47c-e45d-4c54-bdd4-f89b5897499d&uid=5c1ae47c-e45d-4c54-bdd4-f89b5897499d&
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Server
138.199.41.120 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
unn-138-199-41-120.datapacket.com
Software
/
Resource Hash
d353a8a4666462a51613e7fee9e54f82e2df527812682edaa04c05f55216646c

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
null
date
Tue, 30 Jul 2024 16:39:05 GMT
access-control-allow-credentials
true
content-length
99
content-type
application/json

Redirect headers

access-control-allow-origin
null
location
https://id.a-mx.com/set?oid=5c1ae47c-e45d-4c54-bdd4-f89b5897499d&uid=5c1ae47c-e45d-4c54-bdd4-f89b5897499d&
date
Tue, 30 Jul 2024 16:39:05 GMT
access-control-allow-credentials
true
content-length
0
f
fid.agkn.com/ Frame 52A0
151 B
688 B
XHR
General
Full URL
https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fstateways.com%2F
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.199.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-199-57.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash
e244cfd53c50023d8100e7736a26a8fb6786d87d58ae6d4635748ba9e8e57801

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
isyn
sync.a-mo.net/ Frame 625F
0
0
Document
General
Full URL
https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=Ct4BSg1zdGF0ZXdheXMuY29tUgthYXMtZjkwYjRhMloIcGJhMS4zLjFqDXN0YXRld2F5cy5jb236AQU3LjMuMOgCAYgDpK6ktQaoA13qAyRmNDNiYWZiOC0wNDU1LTQ2YzYtYmE3Zi0xY2MwYzQwNTZlZDGiBBZodHRwczovL3N0YXRld2F5cy5jb20vqgQDRENIsgUDVVNE6gUHZGVza3RvcPoFA255NcAGAMgGAaoHA3dlYsoHDXN0YXRld2F5cy5jb23gBwGCCA1zdGF0ZXdheXMuY29tiggGY2hyb21l
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
603
content-type
text/html; charset=utf-8
date
Tue, 30 Jul 2024 16:39:05 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
pd
us-u.openx.net/w/1.0/ Frame BF34
0
0
Document
General
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
732
content-type
text/html
date
Tue, 30 Jul 2024 16:39:05 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame EC08
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.8.247 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-8-247.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 30 Jul 2024 16:39:04 GMT
ETag
"623de86a-cf34"
Expires
Wed, 31 Jul 2024 16:39:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 728C
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1722357542467&gdpr=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14191/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
us.gif
sync.go.sonobi.com/ Frame 52A0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
49 B
783 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:04 GMT
via
1.1 google
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
us.gif
sync.go.sonobi.com/ Frame 52A0
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=931e5b6d-a386-43b6-ba4b-43ab45925c1f&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=QQD0lfbslgar
49 B
744 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=QQD0lfbslgar
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=QQD0lfbslgar
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-798dc55c8c-92fqd
expires
-1
us.gif
sync.go.sonobi.com/ Frame 52A0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=bc2afab5f7&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=bc2afab5f7
49 B
769 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=bc2afab5f7
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=bc2afab5f7
date
Tue, 30 Jul 2024 16:39:05 GMT
server
Kestrel
content-length
227
us.gif
sync.go.sonobi.com/ Frame 52A0
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
49 B
769 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 30 Jul 2024 16:39:05 GMT
Strict-Transport-Security
31536000
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
all
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin
Server
MT3 1637 26565ec master ord ord-pixel-x29 config_version:"2403"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
Cache-Control
no-cache,no-store,must-revalidate
Keep-Alive
timeout=360
us.gif
sync.go.sonobi.com/ Frame 52A0
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
49 B
751 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
Date
Tue, 30 Jul 2024 16:39:05 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame 52A0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5222931856105099249&ssp=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=&gdpr_consent=&us_privacy=
49 B
769 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 30 Jul 2024 16:39:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usg.gif
sync.go.sonobi.com/ Frame 52A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=OTMxZTViNmQtYTM4Ni00M2I2LWJhNGItNDNhYjQ1OTI1YzFm
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
49 B
763 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 52A0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
49 B
760 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
Date
Tue, 30 Jul 2024 16:39:05 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
set
id.a-mx.com/ Frame 9C32
Redirect Chain
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://stateways.com/&v=7.3.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=undefined
  • https://c3.a-mo.net/b?uid=dbd4dea2-3d82-4ed3-a453-8b33fb4c070d&sh=id.a-mx.com&
  • https://id.a-mx.com/set?oid=dbd4dea2-3d82-4ed3-a453-8b33fb4c070d&uid=dbd4dea2-3d82-4ed3-a453-8b33fb4c070d&
99 B
956 B
XHR
General
Full URL
https://id.a-mx.com/set?oid=dbd4dea2-3d82-4ed3-a453-8b33fb4c070d&uid=dbd4dea2-3d82-4ed3-a453-8b33fb4c070d&
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
HTTP/1.1
Server
138.199.41.120 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
unn-138-199-41-120.datapacket.com
Software
/
Resource Hash
31963252b2c1a2e61aaea4c8c2e0da3179d9baa7c32577343ff04b454ae10e6e

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
null
date
Tue, 30 Jul 2024 16:39:05 GMT
access-control-allow-credentials
true
content-length
99
content-type
application/json

Redirect headers

access-control-allow-origin
null
location
https://id.a-mx.com/set?oid=dbd4dea2-3d82-4ed3-a453-8b33fb4c070d&uid=dbd4dea2-3d82-4ed3-a453-8b33fb4c070d&
date
Tue, 30 Jul 2024 16:39:05 GMT
access-control-allow-credentials
true
content-length
0
f
fid.agkn.com/ Frame 9C32
151 B
686 B
XHR
General
Full URL
https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fstateways.com%2F
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.199.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-199-57.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash
e248f491227cc984d8f9000ee4b4401bdeecef4720d39bb264f46b619421440e

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://stateways.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1C14
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.8.247 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-8-247.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 30 Jul 2024 16:39:04 GMT
ETag
"623de86a-cf34"
Expires
Wed, 31 Jul 2024 16:39:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
isyn
sync.a-mo.net/ Frame 6CCF
0
0
Document
General
Full URL
https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=Ct4BSg1zdGF0ZXdheXMuY29tUgthYXMtZjkwYjRhMloIcGJhMS4zLjFqDXN0YXRld2F5cy5jb236AQU3LjMuMOgCAYgDpK6ktQaoA13qAyQxZWU4ZWU0ZS04MGU4LTQ2ZWQtOGI4ZS1hNTNlMDRiNzAzMmaiBBZodHRwczovL3N0YXRld2F5cy5jb20vqgQDRENIsgUDVVNE6gUHZGVza3RvcPoFA255NcAGAMgGAaoHA3dlYsoHDXN0YXRld2F5cy5jb23gBwGCCA1zdGF0ZXdheXMuY29tiggGY2hyb21l
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
603
content-type
text/html; charset=utf-8
date
Tue, 30 Jul 2024 16:39:04 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
/
onetag-sys.com/usync/ Frame EC54
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1722357542481&gdpr=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pd
us-u.openx.net/w/1.0/ Frame 76BB
0
0
Document
General
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14193/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://stateways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
690
content-type
text/html
date
Tue, 30 Jul 2024 16:39:05 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
us.gif
sync.go.sonobi.com/ Frame 9C32
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=bc2afab5f7&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=bc2afab5f7
49 B
769 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=bc2afab5f7
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&pubid=bc2afab5f7
date
Tue, 30 Jul 2024 16:39:05 GMT
server
Kestrel
content-length
227
us.gif
sync.go.sonobi.com/ Frame 9C32
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
49 B
769 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 30 Jul 2024 16:39:05 GMT
Strict-Transport-Security
31536000
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
all
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin
Server
MT3 1637 26565ec master ord ord-pixel-x13 config_version:"2403"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=if&nuid=17f666a9-1727-4d00-b508-ede5c4eaeade
Cache-Control
no-cache,no-store,must-revalidate
Keep-Alive
timeout=360
us.gif
sync.go.sonobi.com/ Frame 9C32
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
49 B
760 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=9aWVw12kXgdMDs9VKNqjKqdy0Wc
Date
Tue, 30 Jul 2024 16:39:05 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
usg.gif
sync.go.sonobi.com/ Frame 9C32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=OTMxZTViNmQtYTM4Ni00M2I2LWJhNGItNDNhYjQ1OTI1YzFm
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
49 B
763 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOfhNI7FUdoNRaeLp7zYHGw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 9C32
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
49 B
751 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1977432102137360374
Date
Tue, 30 Jul 2024 16:39:05 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame 9C32
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
49 B
783 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
via
1.1 google
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
us.gif
sync.go.sonobi.com/ Frame 9C32
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=sonobi&user_id=dTpGUHNWaTdHeFJqOVJYb3lvaHNXeTA=
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=&gdpr_consent=&us_privacy=
49 B
769 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:06 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f3c95b4-e000-4e8a-8e20-f057ba70b95c&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 30 Jul 2024 16:39:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame 9C32
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=931e5b6d-a386-43b6-ba4b-43ab45925c1f&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=QQD0lfbslgar
49 B
744 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=QQD0lfbslgar
Requested by
Host: stateways.com
URL: https://stateways.com/
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stateways.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 16:39:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-179
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=QQD0lfbslgar
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-798dc55c8c-92fqd
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
scada.paradizeconstruction.com
URL
https://scada.paradizeconstruction.com/D6+nK3SNxEJrjZ0ZOJeLCX2NnQlr2MhMesDDWmrNw0Rly4VW
Domain
a4p.adpartner.pro
URL
https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Da%26ep%3D307558%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D765812%26a%3D307558%26extuid%3D%7Buser_id%7D
Domain
vid.vidoomy.com
URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=undefined&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.hbmp.mediafuse.com%2Fcsync%3Ft%3Dg%26ep%3D380%26traffic_source%3Dsnippet%26session%3D41E6F54D08D7BD0D%26sp%3D852559%26pb%3D753264%26c%3D764707%26a%3D556847%26extuid%3D%7B%7BVID%7D%7D
Domain
ids.ad.gt
URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001722357540-JE1548LB-EP77
Domain
ids.ad.gt
URL
https://ids.ad.gt/api/v1/t_match?tdid=2d52d36b-ce05-47ca-8890-9b6e60dd8b82&id=AU1D-0100-001722357540-JE1548LB-EP77
Domain
ids.ad.gt
URL
https://ids.ad.gt/api/v1/pbm_match?pbm=CDBFB85C-5355-4674-AB0B-169E3223272E&id=AU1D-0100-001722357540-JE1548LB-EP77
Domain
ids.ad.gt
URL
https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001722357540-JE1548LB-EP77
Domain
ids.ad.gt
URL
https://ids.ad.gt/api/v1/amo_match?turn_id=8027953497467205434&id=AU1D-0100-001722357540-JE1548LB-EP77
Domain
ids.ad.gt
URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001722357540-JE1548LB-EP77&halo_id=060ixdlju6a65dg9iefi9ld8dfc9glgge7huok0wi0e0ykq6umou60k4koi6q0qqm
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUUta-EgZgNEAYYW0K78SMbNF83RyHYGbb7ppk2yf0R_YXrpw4VL0bu1D5lXtBqNtXoSrQxrRcdmvS9wUAw5SJ1BFlDg
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQV2HCNxSIKli53SA4WONoM3MU9TAMS2kRAM3Exp4G4lJLLrFel9t-YOrh1I_xur8GFKDg8f0qbAjHUvzO7AgZt9e6fA
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxEF2ZGlOQQIc2y0zxNtVrml8z-igc_jm-MazV398543l09sVT-hD1sbX7sNxhmW6elAaAPwFc-eNcDq-sAaaQtOKzbg
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5xunbetWNuogOwjtOjhCxe1dYe7Cjd7F-xfUbJ3BhLThJ5BRH3DaRUTMi9MVT80jFuo1hHzaxcOJK_Wqa8HfwecY0mg
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnp9Z2LNzYTaryhv_v3UJumOCU2wG8WFcHdxtWS9bPfbVs2ViVghwXCV1sOMlENxLXYaY9_jQCR6t9KgI-JK7Eri9JeA
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407290201&jk=456094333825992&bg=!ycqlyoXNAAZTFZZkcxU7ADQBe5WfOEFs-QiDdqnNFmmB3wQyUIuQxUpyBch8CgYYF-g9V5t0V9V6tc9zhOptknmuAnGYAgAAAGxSAAAABGgBB34ANj3-w3ol9kwtaTDQaH6PVwnjg2663pwamY9ntPbGRhd9DGDUxWV8p4-JUwlSWIvyHLM4O5yP5pkDHhboPm1cjygeIH-HOcR_nyXQ2bWsOm5DzCt572XKvzH99re-No7obbrzIIToDiiocGeVaSVKjVONyJqZ_YciYMBcWh52LHjKXcWilM9GS0fdK8PkloPLO0tErSdkD0DalIrwvGCwRUc_Kji2rxOpGc43O-t6pc9WGvZzkNu2eMY5zKSSksxglyXcrDVGhYH7nd2szrnESy4d6WPwJ7-aMlPNkJqU0t8uLo-8Sbrq9WoRL2Rxfr4Kb1MuxZS3XwzJFAzcFFBKppIa4b5V91NT_YTVEZfwdWMI1AGnDiPJ9CCVt-QZu1ANHGxoWBOdFTp2fYADkdBTOx6WidyV0GnuxxT5s6aE7UpoSrvUlCszviAQjmxLn2Lj1cLlViPpRSBhbmQJk0Zbu4mo9eVqrOPxNwjL0OpbJUr_K-zQeWPU_B2oa5ikxap-Ek1BFDNhYX5WR0-zEEvhkdhKEtvb2FkoLlioVOuNBW7KJJJHArO6csL2_VBIeMQsOErn2u-0s22hkx7K6YC0LOc65lL1uahxtmIbvh-2QaaksQSZ69hezaAlKEZT4TUMeFbuuYfwQjtRMCXwOhL3Jk89fGKDmpqPwjMuF8QswQK8roB0sh7HlfdVn1CwJmHfpOE8nm04CGPyKaK2F5gUrGFA2fID2zmnOYxXPIHLxCoF7TR_5SeWAMHVFBZ9OErXB5xR3bsS85eVPbHJzFFe-KsQL_3M3J0vk5WiCY7Qw8yxvRBXHQE9RIM9NUjqBQCS9xWHcgYKQzkRGIUMA_crIY0em5af3CiwkTcpxAS81bK9OXjw_0HfRs5yi3JWs7iAXS7d5hhK1MeiHoYZNZTfgIKQrHwmYuqmWAlvJy02YVLZqx7t7DtYW3jxqO1u4HpXEk7mZI6JK6a-8-qnrUZ3S1z_pQy3eUFfGXI0_SwCuYrF4MJWuPmu0axbu8vvSIMmWnHc37OphrkNmNkozKDLLGJrvX2qkYwxPt-YLg87-H9HxSoRvK26gL9yy0P0JBYnQA4Zty64YWyes_sPj0QuEbCTPdHvPOOrC-fD7udgbZSk_ZPrFDgCgQ
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407290201&jk=2238190774838441&bg=!4-Cl4K_NAAZTFZZkcxU7ADQBe5WfOIGfmQpBRVb-0bHuiqb6YxlyMYal2E0sgbfYvO2jC9K51rIGm2dYr7ecCLzxRzwKAgAAAJlSAAAAA2gBB34ANlU8zhpfPH11VDGDk9-ouML8SlrwmCSvQmcs5aQoDrvvWGSCjpfRssG5lY4PZJk0KskeI24BMQoACDr2eOvuaPVwmQM6vu04T9eF6QzA0Ro-BXrq8D9YL_cQpnP1_q5fEnJRalaCGOtBTayCKmSiiGvuT5L4lCauTH7GtZP0AoyK0-hno3-QKyi3Yp5WuDMKZCAUXIoznzz5aWZyqYP597Vux75PiTqVW2Sfa6CBKB9cpJ-4kLHCj-1jdedJYYeF_9H4l4rBeeWd2ioP4u2_pKpKMKOQOCLckbKqEVt4bd0dO_PNF5FgRL8mx7vdsdXQBC3ncvplCbF_Dek6cLiTR1b3Slr-sQZr-VAx2ab7nOPl9bET2mgDkxzxWGQbm4tC8wxWEFqGDI6cgQ8bhWq59H6UOF69yi8d-icvfwdB-odyS1znHT8t1vWDCoihO01BQivAwT07YIVumHuxKQbXuUjRFQ914m0fuTjr9QJ6BQP07YBmgerQrWt9gOPql_7vPh3ZookXkFM-_DEOAiOrBbuXTisqh33lWzznggixne9YFKiD07wArAwbznbHqpMbH6yrZ0sDlHY0SVus_vnOPNjOfOxDa-dZVx2BS2jeDTS449Dxj7O5QICau5ClhCSKd74AQDF91BNBvFRd2LbZXL5-auI-p2UtmiqFMD9GLouW4Pl3f_GImaOqhuouha39jO-J99NcHEAaLtMc7mtapfNco8fpB-3z8MHsOkISQVeDVD0jx8ktT8PcyMYqaR2pSmyi4_S4tYTPw7iABRycxZZAFU08E3PuTuv-JtlAfrNsKUBVFSCC52IcZNgnOFrnmduqiLJ8D7l24dJoLXiFRb_ezrTjZt9cXrlHvv1ezin_RaiH2bDx3zZmeFtvayVDQYpyL3xyWFbPh8zwPzfYwXtmTgq6VUD3JrSYHUQTlfQHpXHfo6-khtZs3AjeBB1WpRjNC14S0NFwdEokYUIMXmU-7MItDOas6gu4J_0zdaarBAfENI8d01sv2ERGEAjln5f47kIC3KN7_hIJE-SzaZy2YjHqHjIUaZ6lpsH5Ho3YlPQQZz9cyTQEUUXcTk4e7x3vM0rlWyZ5gVrF1miNAmBKNV45n2NjAP3x2tYQ4mnPXW_SN69h4oLPoufs9_DOHayMu_7smlGiydK-QrcQCu1t7-wEMZTADa_B825CcQ
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446

Verdicts & Comments Add Verdict or Comment

244 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 object| 54 object| 55 object| 56 object| 57 object| 58 object| 59 object| 60 object| 61 object| 62 object| wpp_params object| WordPressPopularPosts object| _wpemojiSettings object| cnArgs function| jQuery object| tdb_global_vars object| tdb_p_autoload_vars function| documentInitOneSignal function| OneSignal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_theme_color_site_wide string| tdThemeName string| tdThemeNameWl string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce string| tdMobileMenu string| tdMobileSearch object| tdDateNamesI18n string| tdb_modal_confirm string| tdb_modal_cancel string| tdb_modal_confirm_alt string| tdb_modal_cancel_alt string| td_deploy_mode function| gtag object| dataLayer object| googletag object| vmpbjs object| vpb function| cnx string| method object| olytics object| a object| metas string| olyticsCategory number| oolltt object| oollttMeta string| theNameAttribute object| _ml object| block_tdi_13 object| block_tdi_15 object| block_tdi_16 object| block_tdi_17 object| tdDetect object| tdViewport object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life function| td_delete_site_cookie function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdBlocks object| td_history object| tdHeader object| tdCustomEvents object| tdEvents object| tdPullDown object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdConfirm function| onYouTubeIframeAPIReady object| tdSocialSharing function| tdModalImage object| tdcPostSettings function| tdbGetMobileTemplates object| addComment object| tdToTop object| tdAjaxSearch object| tdLogin object| tdMenu object| td_res_context_registered_atts object| google_tag_manager object| google_tag_data object| ggeac object| google_js_reporting_queue string| GoogleAnalyticsObject function| ga number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| twemoji object| wp object| gaGlobal object| vmpbjsChunk object| regeneratorRuntime object| mnet string| nobidVersion object| nobid object| gaplugins object| gaData object| cnxResources object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZmNiZDdlODc0ZDgwNGM2N2xvYWRlcl9qcw== string| ZmNiZDdlODc0ZDgwNGM2N2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_tag_topics_state function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| pubHadronCb object| auvars object| hadron boolean| __halo_loaded__ function| docReady object| au object| autag object| audDataLayer function| audGtag object| Criteo boolean| 5b915b54-8555-45ba-984a-44d6c878a29a object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144

278 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: 1M7G_5RQlqYbsSRSnGF9BT6UQ54MJ8rpF.l4ef6jUKA-1722357539-1.0.1.1-itxe9REsKAK3.WbWCverf6rBle6XlR51WPU10nPHgWsripMfvRXH3oOdAEz.e_qLRURApjVZPV6njm8gxr27JA
.stateways.com/ Name: oly_fire_id
Value: 1562A8013245A7A
.stateways.com/ Name: oly_anon_id
Value: d4793947-6021-4c4a-98c3-2e92c45ef323
.ml314.com/ Name: u
Value: aHR0cHM6Ly9zdGF0ZXdheXMuY29tLw%3D%3D
.ml314.com/ Name: pi
Value: 3645941671896023053
.ml314.com/ Name: tp
Value: 4%253B07%252F30%252F2024%2B16%253A38%253A59%253B0
.demdex.net/ Name: demdex
Value: 14388333428571697161121554134055219901
.adsrvr.org/ Name: TDID
Value: 2d52d36b-ce05-47ca-8890-9b6e60dd8b82
.dpm.demdex.net/ Name: dpm
Value: 14388333428571697161121554134055219901
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 896960a3c1f35759aa78b9cbc9376462
.eyeota.net/ Name: mako_uid
Value: 191048261f4-3f5d0000010a5141
.eyeota.net/ Name: SERVERID
Value: 20801~DM
.stateways.com/ Name: _ga_56GZQQQPLE
Value: GS1.1.1722357539.1.0.1722357539.60.0.0
.stateways.com/ Name: _ga
Value: GA1.2.386196306.1722357539
.stateways.com/ Name: _gid
Value: GA1.2.754866402.1722357539
.stateways.com/ Name: _gat_gtag_UA_49360022_10
Value: 1
.stateways.com/ Name: _pubcid
Value: 3709492c-5aa9-45a9-b73b-e67aea32f2e0
.hbmp.mediafuse.com/ Name: vmuid
Value: 4956c3ff1cbc4136
.ad.gt/ Name: au_3p_check
Value: 1
.stateways.com/ Name: _au_1d
Value: AU1D-0100-001722357540-JE1548LB-EP77
.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: 50041293-bec2-457f-8935-69542820b2b3
.a-mo.net/ Name: pamuid2
Value: 50041293-bec2-457f-8935-69542820b2b3
.prebid.a-mo.net/ Name: psd_amuid2
Value: 50041293-bec2-457f-8935-69542820b2b3
.prebid.a-mo.net/ Name: sd_amuid2
Value: 50041293-bec2-457f-8935-69542820b2b3
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.33across.com/ Name: 33x_ps
Value: u%3D212720529914094%3As1%3D1722357540126%3Ats%3D1722357540126
.lijit.com/ Name: ljt_reader
Value: JFBnALZHRlM3M8mzQvOkr1VW
.mgid.com/ Name: lmg_usr
Value: 3a994da8-1171-4683-928a-3bdfca61ef5c
.mgid.com/ Name: lmg_r
Value: 25
.stateways.com/ Name: __gads
Value: ID=c793699f0706f2d1:T=1722357539:RT=1722357539:S=ALNI_Ma_MtTk75wFwBGD13ngbbOqdcki4Q
.stateways.com/ Name: __gpi
Value: UID=00000ec324267b38:T=1722357539:RT=1722357539:S=ALNI_MY72laM8eh9X9Tcaovcmx7_GknoBA
.stateways.com/ Name: __eoi
Value: ID=9cb43830dccca656:T=1722357539:RT=1722357539:S=AA-AfjYolNDLypa5sz73TLGREVql
.a-mo.net/ Name: _sv3_8
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: wQCh3ib5W11C_mzKA3swCdx_7xVdiuiit-mX-a9q_ql-HFET4xLh4oLSxzgeabWabe5K_Bb9tNw3S5hZ8RIhp1Ks8CeMqpdFOFYDqKVNAak.
.adnxs.com/ Name: uuid2
Value: 7473332277637949819
.pubmatic.com/ Name: KADUSERCOOKIE
Value: CDBFB85C-5355-4674-AB0B-169E3223272E
.turn.com/ Name: uid
Value: 8027953497467205434
.tynt.com/ Name: uid
Value: Vz/bJWapFyTMu3ZvQmwUMQ==
.hbmp.mediafuse.com/ Name: g358
Value: 3a994da8-1171-4683-928a-3bdfca61ef5c
.hbmp.mediafuse.com/ Name: g13
Value: JFBnALZHRlM3M8mzQvOkr1VW
.hbmp.mediafuse.com/ Name: g32
Value: 7473332277637949819
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3614bb3f-8da6-4ddc-9929-e5ff06f0aa70-005%22%2C%22nxtrdr%22%3Afalse%7D
.trafmag.com/ Name: vid
Value: 5838720471533195
.hbmp.mediafuse.com/ Name: g76
Value: CDBFB85C-5355-4674-AB0B-169E3223272E
.3lift.com/ Name: tluidp
Value: 1437489099506907087679
.3lift.com/ Name: tluid
Value: 1437489099506907087679
.simpli.fi/ Name: suid
Value: E0292CA27DE04293A46AD7E5027EF173
.tapad.com/ Name: TapAd_TS
Value: 1722357540363
.tapad.com/ Name: TapAd_DID
Value: e9f26bca-091c-447e-b953-b9c9df802871
.w55c.net/ Name: wfivefivec
Value: EJfMlzfA1SyPSk5
.hbmp.mediafuse.com/ Name: g58
Value: 212720529914094
.yahoo.com/ Name: A3
Value: d=AQABBCQXqWYCEFD58lbDQiphKdgR99MnD8YFEgEBAQFoqmayZgAAAAAA_eMAAA&S=AQAAAiRssFLepnjQkXJNialgZGc
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3614bb3f-8da6-4ddc-9929-e5ff06f0aa70-005%22%7D
.rubiconproject.com/ Name: khaos
Value: LZ8N7JN1-O-V3C
.rubiconproject.com/ Name: khaos_p
Value: LZ8N7JN1-O-V3C
.w55c.net/ Name: matchpubmatic
Value: 5
.krushmedia.com/ Name: krm_usr
Value: 6395d1de-74ab-5c9c-8d05-c2148dad9037
.krushmedia.com/ Name: krm_r
Value: 615
.doubleclick.net/ Name: IDE
Value: AHWqTUmXoNkG6dYb7SV1Wb4wYb7NTfMJpEG5SydHFiFK82UFCMIaSP1zFzZTD9iPrRQ
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGaHLudXp3JCwQwjvw2AoCo&KRTB&23025-CAESEGaHLudXp3JCwQwjvw2AoCo&KRTB&23386-CAESEGaHLudXp3JCwQwjvw2AoCo
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:E0292CA27DE04293A46AD7E5027EF173&KRTB&23486-uid:E0292CA27DE04293A46AD7E5027EF173&KRTB&23489-uid:E0292CA27DE04293A46AD7E5027EF173&KRTB&23539-uid:E0292CA27DE04293A46AD7E5027EF173
.bidswitch.net/ Name: tuuid
Value: 5f3c95b4-e000-4e8a-8e20-f057ba70b95c
.bidswitch.net/ Name: c
Value: 1722357540
.bidswitch.net/ Name: tuuid_lu
Value: 1722357540
.adtelligent.com/ Name: vmuid
Value: 49e4a19f7bc91bdc
.adtelligent.com/ Name: a541630
Value: RX-3614bb3f-8da6-4ddc-9929-e5ff06f0aa70-005
.ipredictive.com/ Name: cu
Value: c350be59-53a3-45df-bbaf-e778d4ae6a10|1722357540496
.adform.net/ Name: uid
Value: 5222931856105099249
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d99999
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-2d52d36b-ce05-47ca-8890-9b6e60dd8b82&KRTB&22918-2d52d36b-ce05-47ca-8890-9b6e60dd8b82&KRTB&22926-2d52d36b-ce05-47ca-8890-9b6e60dd8b82&KRTB&23031-2d52d36b-ce05-47ca-8890-9b6e60dd8b82
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:EJfMlzfA1SyPSk5&KRTB&23421-uid:EJfMlzfA1SyPSk5
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-c350be59-53a3-45df-bbaf-e778d4ae6a10&KRTB&23011-c350be59-53a3-45df-bbaf-e778d4ae6a10&KRTB&23355-c350be59-53a3-45df-bbaf-e778d4ae6a10
.smartadserver.com/ Name: pid
Value: 1881432225883416443
pbjs.e-planning.net/ Name: CT
Value: 1
.go.sonobi.com/ Name: _usd_stateways.com
Value: df0fd514-be26-44c0-85d0-a0ecdf452331
apex.go.sonobi.com/ Name:
Value: receive-cookie-deprecation: 1
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 49822740
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 49822740
.go.sonobi.com/ Name: __uin_cx
Value: 1
.go.sonobi.com/ Name: __uir_cx
Value: 49822740
.go.sonobi.com/ Name: __uis
Value: 931e5b6d-a386-43b6-ba4b-43ab45925c1f
.360yield.com/ Name: tuuid_lu
Value: 1722357540
prebid.media.net/ Name: receive-cookie-deprecation
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzcxNjI0MDI0Njc2MzA2NxHiM9Q1Kq_IMso0c_ZKzfUHABcmiH4lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzcxNjI0MDI0Njc2MzA2NxHiM9Q1Kq_IMso0c_ZKzfUHABcmiH4lAAAA
.adx.opera.com/ Name: UID
Value: OPU9aeff86f6693495395d5ad2606b044c4
.360yield.com/ Name: tuuid
Value: b38f8b84-2b51-411f-bda8-9a0f84f87688
.stateways.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-wldX0z3WdXjh9EjdYjPigLteXP4kks1Fh70IIlpW4uxyCgQvk6tVi-HwUBc5UTSzuKyu974eHX1n9ioexWYdpqU4Yq2AxpWjUikApo3kodBpUOtO3hI3lq8zZWOJpFYY6I8zl6YBTLg1YdzHoB3v0Zn1z7w%3D%3D%22%5D%5D
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-6673fa0e-82e0-3644-80b9-2992c6406848
.media.net/ Name: visitor-id
Value: 3653591411978364000V10
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.hbmp.mediafuse.com/ Name: g142
Value: 3653591411978364000V10
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidr.io/ Name: bito
Value: AAAifE7NUi4AABR4UCqzUw
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: bcookie
Value: "v=2&43ac40aa-0e1b-49dd-8067-fac48b282450"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjIzNTc1NDE7MjswMjF6hiX34gXymf9bJdHfDIxHpGGHTgqJiAef1q0T1ma47Q==
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3390:u=1:x=1:i=1722357541:t=1722443941:v=2:sig=AQHH_RXMA7KINYYEqffe5flDhTh-6ea6"
.amazon-adsystem.com/ Name: ad-id
Value: A9QwYp9CW0x9rag9CL3Ftic
.bing.com/ Name: MUID
Value: 25721AC2088D6E6C2CB10E0E095B6F0A
stateways.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.quantserve.com/ Name: mc
Value: 66a91726-5db64-eaa8b-32e4a
.tremorhub.com/ Name: tvid
Value: 61c5c967bf8b4e95bd10a98fb768cd5e
.tremorhub.com/ Name: tv_UIDF
Value: CAESEIcg1La5lCuNGJyh2x7qmPs
.tremorhub.com/ Name: tvssa
Value: 1722357542388
.inmobi.com/ Name: idsp_c
Value: 64f7778d-9103-4c19-8517-e0ec6b318b86
.lijit.com/ Name: ljtrtb
Value: eJyrVrIwULJS8omy8DP38jPU9dcNM3ZWqgUAQ3oFxA%3D%3D
.mediago.io/ Name: __mguid_
Value: 213bd2cbd91be0b72k5noy00lz8n7l7t
.prebid.a-mo.net/ Name: __amc
Value: 3_1722357540_1722357542
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%221DFE7012-9630-4E87-273D-97C7A89DA429%22%7D
.openx.net/ Name: i
Value: 70d207a8-f1ec-0a71-1bd0-573200a6859b|1722357542
.adnxs.com/ Name: icu
Value: ChkIzPOAARAKGAEgASgBMKaupLUGOAFAAUgBChkI44iOARAKGAEgASgBMKSupLUGOAFAAUgBEKaupLUGGAE.
.sitescout.com/ Name: ssi
Value: 86e8726f-8c5a-4d65-ba7c-4edb272b98f8#1722357543368
.kargo.com/ Name: ktcid
Value: 8905629a-7044-0fec-501d-23b0a601ce3f
.deepintent.com/ Name: CDIUSER
Value: di_ba26029f3b544d64bdad3
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1977432102137360374
.thrtle.com/ Name: mc
Value: eyJpZCI6IjkwZjE3ZTFkLWY5ZTQtNGYwMS05NjUwLWJjOTI1ZmVhNWFkNCIsImwiOjE3MjIzNTc1NDM0MjIsInQiOjF9
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f5a595c3-5da4-5e07-4c0e-cf5528daa32a.FvOMVqzn5%2FbJ6ambVqxJR66AgzRBuPMOZr8Up%2F4YY0k
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f5a595c3-5da4-5e07-4c0e-cf5528daa32a.FvOMVqzn5%2FbJ6ambVqxJR66AgzRBuPMOZr8Up%2F4YY0k
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9aWVw12kXgdMDs9VKNqjKqdy0Wc.De8IYD3yL21YfFHosd1SSUx1ESXVXWALXruVMq8PWsw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9aWVw12kXgdMDs9VKNqjKqdy0Wc.De8IYD3yL21YfFHosd1SSUx1ESXVXWALXruVMq8PWsw
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAEGcYBCCnrqS1BjABOgTwU00QQgSUSfqK.LtImLgDTgmCyhb2jSp9g%2BiA1yYXr2V7PrVROFrWIOjo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAEGcYBCCnrqS1BjABOgTwU00QQgSUSfqK.LtImLgDTgmCyhb2jSp9g%2BiA1yYXr2V7PrVROFrWIOjo
.mxptint.net/ Name: mxpim
Value: R33647_1197B2CE2_68A95267.1.000000000000000066A91727
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553&KRTB&23418-86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553
.pubmatic.com/ Name: DPSync3
Value: 1723334400%3A257%7C1722384000%3A255%7C1723507200%3A258_256_260_263_262_261_259_201%7C1722902400%3A252_265
.pubmatic.com/ Name: SyncRTB3
Value: 1722902400%3A15_38_223_2%7C1724889600%3A224%7C1723507200%3A214_243_5_104_267_3_21_266_96_13_22_165_176_56_234_55_220_46_240_238_231_71_99_264_81_54_166_178_8_7_249_250_48_233%7C1727481600%3A69%7C1723161600%3A63%7C1722729600%3A216%7C1723593600%3A268_35
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8027953497467205434&KRTB&23150-8027953497467205434&KRTB&23527-8027953497467205434
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: sspid
Value: 7a02c35a-1a3a-3c61-a7f2-ad81b0ca7acc
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-WbVri160OIRCtm7QWbcn1w7iMtBCsDjXW-LuETgU&KRTB&22979-WbVri160OIRCtm7QWbcn1w7iMtBCsDjXW-LuETgU&KRTB&23462-WbVri160OIRCtm7QWbcn1w7iMtBCsDjXW-LuETgU
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-9aWVw12kXgdMDs9VKNqjKqdy0Wc&KRTB&23334-9aWVw12kXgdMDs9VKNqjKqdy0Wc&KRTB&23417-9aWVw12kXgdMDs9VKNqjKqdy0Wc&KRTB&23426-9aWVw12kXgdMDs9VKNqjKqdy0Wc
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_1197B2CE2_68A95267&KRTB&23092-R33647_1197B2CE2_68A95267
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU9aeff86f6693495395d5ad2606b044c4&KRTB&23485-OPU9aeff86f6693495395d5ad2606b044c4&KRTB&23524-OPU9aeff86f6693495395d5ad2606b044c4&KRTB&23575-OPU9aeff86f6693495395d5ad2606b044c4
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-5f3c95b4-e000-4e8a-8e20-f057ba70b95c
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQAHW9GdSVJu1AJ9gy_oAQEBAQEBAQCQBYNzhAEBAJAFg3OE&KRTB&22715-AQAHW9GdSVJu1AJ9gy_oAQEBAQEBAQCQBYNzhAEBAJAFg3OE&KRTB&23519-AQAHW9GdSVJu1AJ9gy_oAQEBAQEBAQCQBYNzhAEBAJAFg3OE
.adgrx.com/ Name: ADGRX_UID
Value: 3b298bde-4e92-11ef-8185-961c8814c104
.mathtag.com/ Name: uuid
Value: 17f666a9-1727-4d00-b508-ede5c4eaeade
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.resetdigital.co/ Name: ckbk
Value: 000001507EEE6A45
.ctnsnet.com/ Name: cid_7e410e288de948c8bce02cc82ca2e7c8
Value: 1
.pippio.com/ Name: did
Value: w0zROCUFFrwYPV3G
.pippio.com/ Name: didts
Value: 1722357543
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7756439431867848243P
.owneriq.net/ Name: pmc
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5222931856105099249&KRTB&23231-5222931856105099249&KRTB&23263-5222931856105099249&KRTB&23481-5222931856105099249
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:17f666a9-1727-4d00-b508-ede5c4eaeade
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23168-000001507EEE6A45&KRTB&23175-000001507EEE6A45
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-93f3c701-28b9-49b7-a398-195b8a8719cd&KRTB&23340-93f3c701-28b9-49b7-a398-195b8a8719cd&KRTB&23498-93f3c701-28b9-49b7-a398-195b8a8719cd
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-3b298bde-4e92-11ef-8185-961c8814c104&KRTB&23275-3b298bde-4e92-11ef-8185-961c8814c104
.adsby.bidtheatre.com/ Name: __kuid
Value: b849c160-76e2-4436-83be-8c1987723130.491571543
.tribalfusion.com/ Name: ANON_ID
Value: aintuJt3er66AxvPBQpBm85RhMiO3wAv5dRhGJUqMRIbJeQNEROTmqY5aZaanlZcKLD1NFmLZaPhaXaZdZdesc4ltbOO7
.creativecdn.com/ Name: g
Value: WZd8aPapgdyEvtkkYAjD_1722357543762
.creativecdn.com/ Name: ts
Value: 1722357543
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 01eace24-3402-4aca-8483-9da51c06f405
.csync.loopme.me/ Name: viewer_token
Value: 324fae78-f162-46c9-a749-9080990df70e
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-tsk4lfOsIWcaPXD0s3L0fWZy1PAJM_EbZiGGVJhViwc&KRTB&23047-tsk4lfOsIWcaPXD0s3L0fWZy1PAJM_EbZiGGVJhViwc&KRTB&23234-tsk4lfOsIWcaPXD0s3L0fWZy1PAJM_EbZiGGVJhViwc&KRTB&23361-tsk4lfOsIWcaPXD0s3L0fWZy1PAJM_EbZiGGVJhViwc
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-HpiM7dw7Al-4oYXjKBepZg&KRTB&23557-HpiM7dw7Al-4oYXjKBepZg&KRTB&23586-HpiM7dw7Al-4oYXjKBepZg
.pubmatic.com/ Name: PugT
Value: 1722357544
.stateways.com/ Name: _pubcid_cst
Value: VyxHLMwsHQ%3D%3D
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQsLA0szQzSDRONkwzNjU3tUxMNLdIskxOSrY0NjczMTNiAIK0leIaDAgAAD5SCbk%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBIWymuwQAHABEHAU8%3D"
.stateways.com/ Name: panoramaId_expiry
Value: 1722443944351
.stateways.com/ Name: _cc_id
Value: 896960a3c1f35759aa78b9cbc9376462
.stateways.com/ Name: panoramaId
Value: d7ddfb8ea85fbc5860c9982ead44a9fb927ab64494c8481d17034f1202e1aacf
.connatix.com/ Name: cnx_userId
Value: e3e01de1b92641ba940315e5f788de51
.iqzone.com/ Name: iq_r_key
Value: 299
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5104-2!5104
.adtelligent.com/ Name: g50
Value: 5222931856105099249
.iqzone.com/ Name: iq_u_key
Value: 5a1eab71-08b8-412b-894d-ffc7600d55f4
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22e3358483bc%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544508%7D%2C%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1722357540298%7D%2C%7B%22p%22%3A%22f46c881bee%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544508%7D%2C%7B%22p%22%3A%22632381c622%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544508%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544396%7D%2C%7B%22p%22%3A%226f27415d53%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544396%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544396%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544432%7D%2C%7B%22p%22%3A%22a3ec099f1a%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544508%7D%2C%7B%22p%22%3A%22baebe6454b%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544432%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1722357540298%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544396%7D%2C%7B%22p%22%3A%220f90caf3cf%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544432%7D%2C%7B%22p%22%3A%22162dbd77b3%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544396%7D%2C%7B%22p%22%3A%226db3fb8a85%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544508%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1722357540298%7D%2C%7B%22p%22%3A%2295c591d034%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544432%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1722357540298%7D%2C%7B%22p%22%3A%22cf4d6e49b5%22%2C%22f%22%3A1%2C%22ts%22%3A1722357540298%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544432%7D%2C%7B%22p%22%3A%225cb91279ed%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544432%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1722357540298%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544396%7D%2C%7B%22p%22%3A%22ee0d9a54e4%22%2C%22f%22%3A1%2C%22ts%22%3A1722357544508%7D%5D
.dotomi.com/ Name: DotomiTest
Value: 294230c22c611e3
.adtelligent.com/ Name: g58
Value: 212720529914094
.adtelligent.com/ Name: g142
Value: 3653591411978364000V10
.go.sonobi.com/ Name: __uin_eb
Value: CAESEOfhNI7FUdoNRaeLp7zYHGw||1
.go.sonobi.com/ Name: __uin_td
Value: 2d52d36b-ce05-47ca-8890-9b6e60dd8b82
.go.sonobi.com/ Name: __uin_zt
Value: 1977432102137360374
.go.sonobi.com/ Name: __uin_bw
Value: 5f3c95b4-e000-4e8a-8e20-f057ba70b95c
.go.sonobi.com/ Name: __uin_st
Value: 9aWVw12kXgdMDs9VKNqjKqdy0Wc
.go.sonobi.com/ Name: __uin_if
Value: 17f666a9-1727-4d00-b508-ede5c4eaeade
.go.sonobi.com/ Name: __uin_bs
Value: 86e8726f-8c5a-4d65-ba7c-4edb272b98f8-66a91727-5553
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 31e3d895f956e094
.contextweb.com/ Name: V
Value: QQD0lfbslgar
.contextweb.com/ Name: VP
Value: part_QQD0lfbslgar
.minutemedia-prebid.com/ Name: wrvUserID
Value: pRtWo4QzCp_mm
.casalemedia.com/ Name: CMID
Value: ZqkXKEt3uYsAABUiAMCVYwAA
.casalemedia.com/ Name: CMPS
Value: 467
.casalemedia.com/ Name: CMPRO
Value: 467
.servenobid.com/ Name: pid_324
Value: 1977432102137360374
.servenobid.com/ Name: pid_310
Value: JFBnALZHRlM3M8mzQvOkr1VW
.servenobid.com/ Name: pid_321
Value: OPTOUT
.servenobid.com/ Name: pid_333
Value: ZqkXKNHM6bUAAAp7AGaO5gAADhkAAAAB
.a-mx.com/ Name: amuid2
Value: 50041293-bec2-457f-8935-69542820b2b3
.gumgum.com/ Name: vst
Value: u_561d94c7-1a6b-4022-8c43-37820d1f1420
.pxl.iqm.com/ Name: ttacross
Value: MTcyMzU2NzE0NTAwNw==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: c70759f7-d1a3-40c0-8d9b-73cc7ae105dd
.mfadsrvr.com/ Name: tuuid
Value: 2c77dab6-b823-45c5-9b51-b25b29d70446
.mfadsrvr.com/ Name: c
Value: 1722357545
.mfadsrvr.com/ Name: tuuid_lu
Value: 1722357545
.a-mx.com/ Name: amdt_t
Value: p::1722357545037
.admanmedia.com/ Name: admtr
Value: 2d0198ac-5ea0-4734-bd33-20be02b24f29
.omnitagjs.com/ Name: ayl_visitor
Value: 433bdcfca39285db4ad49d0017485632
.sharethrough.com/ Name: stx_user_id
Value: edb71b6c-ea79-47a3-8811-32357d850b68
.cdn.dxkulture.com/ Name: __cf_bm
Value: R1zzprbxfm7a3LuNyM86QD6sd9MbS9zGjIrMsi4qRNs-1722357545-1.0.1.1-KV5LTL4ALUVl9mHbdv8vWBzy7LvtqA_iU3YEl3wbYgGSz.IU.M_mQd9iL3uJ_D.Jczojx0blqUTo.lBrkirEig
.servenobid.com/ Name: pid_309
Value: u_561d94c7-1a6b-4022-8c43-37820d1f1420
.yellowblue.io/ Name: wrvUserID
Value: H0ziofQ-kp_s
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240730%22%2C%22149%22%3A%2220240730%22%2C%22142%22%3A%2220240730%22%7D
.mfadsrvr.com/ Name: ssh
Value: !ultraspo=1722357545
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: ipc
Value: 160295^https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID^0^0
.pubmatic.com/ Name: pi
Value: 160295:3
.go.sonobi.com/ Name: HAPLB8G
Value: s85179|ZqkXL
.zemanta.com/ Name: zuid
Value: o-JMSFYiuVoVuO1ZFSO_
beacon.lynx.cognitivlabs.com/ Name: ss
Value: L4YZidLRIN72x4nhVDnb6EowkeZBDRvN6HsQdSH60ix9fqnqsn2rs6KLKTCb1XKhs9DnbrBubfl4xT9ioCBRq8sNZoEsTlTV8e9%2F9VgI8Nc%3D
.servenobid.com/ Name: pid_351
Value: edb71b6c-ea79-47a3-8811-32357d850b68
.servenobid.com/ Name: pid_373
Value: 2c77dab6-b823-45c5-9b51-b25b29d70446
.servenobid.com/ Name: pid_317
Value: 1881432225883416443
.servenobid.com/ Name: pid_352
Value: H0ziofQ-kp_s
.quantserve.com/ Name: d
Value: EGcBFQG5LIEO-TCP_8EA
.yieldmo.com/ Name: yieldmo_id
Value: VaLshAA95sAydswZZSJs%7C1722297600000%7C0
.stateways.com/ Name: cto_bundle
Value: euf1-V9Lb0IyMVhGc0RVM0ZCSFRYbEJNaTBUUkJtQVIwbkRsSlpHZyUyQkhxMHB2emRXSFpoMjBhRUJxdUVmUSUyQkNRRGp1NWZTU0RpaVlxUGhvS3JNazhDJTJCeVhkNzBnJTJCRnpuMEZXYkZRcXhNS01pV3VubmM2QiUyRjRvU1lPVjFnazhENzhmQ3A
.stateways.com/ Name: cto_bidid
Value: MUT-eF9La3dvcXJXaXdOMEJZelVHOWpENVJGc0FhVjRsdzFNbXpIYkhabklLUjJlVDZIazFaVm5IJTJGVWhreTdqNWdqU0tQUk1DejRWM2pJa3ZZZGhuTSUyRkVGT3clM0QlM0Q
.illumin.com/ Name: vdz_sync
Value: dea3d007-dd5b-1017-bb3a-eef08ee3dd81
.rtb.mx/ Name: amuid2
Value: 50041293-bec2-457f-8935-69542820b2b3
.rtb.mx/ Name: amdt_t
Value: p::1722357545211
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987Fnp3-6ZJr8BgoGJ1aDDnU4nXewIbsKOEBvCIjE0n_JYWep5YkrIGr2aenq2pQC4TM1
.smartadserver.com/ Name: csync
Value: 80:aj83Vm0-ZFlxPDINaj17Cj1obg1xOmQKaGiPyLNm
.admanmedia.com/ Name: ac_r
Value: CS181|CS155
.dxkulture.com/ Name: mtuid
Value: b429502d-e280-455f-b5f9-ca5d60e64204
.media.net/ Name: data-ris
Value: {{APID}}~~25
.rqtrk.eu/ Name: browser_id
Value: 1:a0d708bd-0475-4b83-b1e8-27d6a7899217
.pubmatic.com/ Name: SPugT
Value: 1722357544
.cootlogix.com/ Name: vdz_sync
Value: e0b83f31-2ea0-c665-b8b8-093af53d8b87
.admanmedia.com/ Name: lluid
Value: 4074c1d0-6f3e-0f17-2dc9-837964b92c2d
.id5-sync.com/ Name: id5
Value: 2d0e87fc-8023-75fe-b1df-04e4446cce33#1722357544783#2
.servenobid.com/ Name: pid_323
Value: LZ8N7JN1-O-V3C
.admanmedia.com/ Name: llum
Value: eyJwaW4iOnsiMTAiOjE3MjIzNTc1NDU0MDMsIjMiOjE3MjIzNTc1NDU1NzIsIjciOjE3MjIzNTc1NDU2Mzl9fQ
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ssb|4is.0.CAESEOBK9zwvkRQDhrsanegV2do|8nK.0.1|7bq.0.1|80p.0.1|7LJ.0.931e5b6d-a386-43b6-ba4b-43ab45925c1f
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1ssb|4is.0.CAESEOBK9zwvkRQDhrsanegV2do|8nK.0.1|7bq.0.1|80p.0.1|7LJ.0.931e5b6d-a386-43b6-ba4b-43ab45925c1f
.socdm.com/ Name: SOC
Value: ZqkXKcCo5r4AABK.DsAAAAAA
.go.sonobi.com/ Name: __uir_pp
Value: 213987060421770265
.go.sonobi.com/ Name: __uin_pp
Value: QQD0lfbslgar
.go.sonobi.com/ Name: __uir_td
Value: 213987056126802969
.go.sonobi.com/ Name: __uir_st
Value: 213987056126802969
.go.sonobi.com/ Name: __uir_bs
Value: 213987056126802969
.go.sonobi.com/ Name: __uir_if
Value: 213987056126802969
.go.sonobi.com/ Name: __uir_eb
Value: 213987056126802969
.go.sonobi.com/ Name: __uir_zt
Value: 213987056126802969
.rlcdn.com/ Name: rlas3
Value: H1BEWwhgZHfz9M26/OfM8LjZSH00E5KqpJgl/9NzS3g=
.rlcdn.com/ Name: pxrc
Value: CKOupLUGEgUI6AcQABIFCOhHEAQSBQjbThAAEgYIwuoBEAYSBgi46wEQBQ==
.agkn.com/ Name: ab
Value: 0001%3ADvjeDYynIYYHHMpXEKVO9SioqBg%2FkHmk
stateways.com/ Name: pbjs_fabrickId
Value: %7B%22fabrickId%22%3A%22E1%3Aa86JR2vHemu4byAXYB2Ui05n2p-E50fenWt9CxEutw7RedmP5EwE6K9MIMNAKp4nm1bwHmZ9SUZpmNGEYiwlQ9Bb3Iw8_o5orzuz4bm-PBOdlKj4qhTHuqcMqjgc9XYp%22%7D
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHZDB0cm8xahILCISh5dCEsJg9EAUSFwoIcHVibWF0aWMSCwiEtfvahLCYPRAFEhQKBXRhcGFkEgsIptP-24SwmD0QBRIWCgdydWJpY29uEgsItvb25ISwmD0QBRIVCgZjYXNhbGUSCwjA79KGhbCYPRAFGAEgASgCMgsIqI_9u5uwmD0QBTgBWgZzb25vYmlgAg..
.openx.net/ Name: pd
Value: v2|1722357545|wvmmiKbwuYvPwtvMvJeSgahEgKkWwrg2f8wiwIgy
.go.sonobi.com/ Name: __uir_bw
Value: 213987056126802969
.servenobid.com/ Name: pid_353
Value: 3653591411978364000V10
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmRkbGpuamJsbGK-igXBNzA3tlwliuCbWhiavRJD8E0sTQwBcA8M8UAAAAA
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcyMjM1NzU0MzQwMywiMzkiOjE3MjIzNTc1NDQzOTEsIjE3IjoxNzIyMzU3NTQ1ODYxLCI3IjoxNzIyMzU3NTQ0MzkxfQ
.rubiconproject.com/ Name: audit_p
Value: 1|ibmsU7cexqYmuTNxZ51SB2+o9tFjVplXGqskqS/gBhF3rhL5Alyh59Ec2ccemVAt7Zk+hFVEN1BCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp4LBTIY/jS8kyzJb/HTM66KHEIWd23lPFSdgcZEw+EktfY0V14FIbwNNc4QTpadywl9byk9TjXUW
.rubiconproject.com/ Name: audit
Value: 1|ibmsU7cexqYmuTNxZ51SB2+o9tFjVplXGqskqS/gBhF3rhL5Alyh59Ec2ccemVAt7Zk+hFVEN1BCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp4LBTIY/jS8kyzJb/HTM66KHEIWd23lPFSdgcZEw+EktfY0V14FIbwNNc4QTpadywl9byk9TjXUW
.server.cpmstar.com/ Name: USER_ID
Value: %b8wn%06+6%f6C%5b%a8%feE%7c%e7%87
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5DlBMz0Bfcw0zpBnnWNP1+1LqDy1DL61p9NNpPn1DpVBq9y1BzNEAGpNeDyuW+Bu6LhEean1xD928Gxi9==
.bluekai.com/ Name: bku
Value: ZoW99YAU3VjvA8Dl
.media6degrees.com/ Name: clid
Value: 2shg3l601170t9fbbij4eudv000000015w010v01701
.media6degrees.com/ Name: acs
Value: 012020k1shg3l6xzt10

1 Console Messages

Source Level URL
Text
other warning URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olPxG0uqAvw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwnTbTmN7bbCFMFJjZE-5wmEhlLRg/m=ad_blocking_detection_executable(Line 5)
Message:
The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

55fc0190636101f28c351aa6ef11839f.safeframe.googlesyndication.com
7303771b427aeebf627ec533e290a648.safeframe.googlesyndication.com
a.ad.gt
a4p.adpartner.pro
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
ads.servenobid.com
analytics.google.com
ap.lijit.com
apex.go.sonobi.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
c3.a-mo.net
capi.connatix.com
cd.connatix.com
cdn.hadronid.net
cdn.onesignal.com
cdn1.opstag.com
cdp.omeda.com
cds.connatix.com
cm-x.mgid.com
cm.adform.net
cm.g.doubleclick.net
de.tynt.com
dpm.demdex.net
edcf82e9dbcf1afc5a902539b7f89375.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
hde.tynt.com
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
img.onesignal.com
in.ml314.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
ml314.com
mug.criteo.com
olytics.omeda.com
onesignal.com
onetag-sys.com
oqs.omeda.com
os4m-d.openx.net
p.ad.gt
p.rfihub.com
packedbrick.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel.tapad.com
pixels.ad.gt
player.adtelligent.com
player.hbmp.mediafuse.com
player.mediafuse.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.media.net
ps.eyeota.net
pubads.g.doubleclick.net
public.servenobid.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
scada.paradizeconstruction.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
sghb.hbmp.mediafuse.com
ssc-cms.33across.com
ssc.33across.com
ssp.disqus.com
stateways.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.a-mo.net
sync.adtelligent.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.hbmp.mediafuse.com
sync.mathtag.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.trafmag.com
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
us-u.openx.net
vid.vidoomy.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.stateways.com
x.bidswitch.net
a4p.adpartner.pro
ids.ad.gt
pagead2.googlesyndication.com
s.amazon-adsystem.com
scada.paradizeconstruction.com
vid.vidoomy.com
www.google.com
104.16.160.145
104.17.111.223
104.18.41.104
107.151.11.18
107.21.166.190
107.23.203.136
121.127.42.98
138.199.41.120
141.193.213.11
141.95.98.64
141.95.98.65
142.251.174.154
147.28.146.89
147.75.198.144
15.197.193.217
172.217.197.94
172.217.222.157
172.217.222.97
172.98.26.246
173.194.204.132
173.194.204.139
173.194.204.99
173.194.205.101
173.194.205.154
185.167.164.49
185.184.8.90
193.200.65.5
198.148.27.131
198.24.161.243
198.8.71.130
2001:4860:4802:34::181
204.180.130.159
204.180.130.165
207.65.37.179
209.85.232.155
209.85.232.157
216.200.232.249
23.105.14.106
23.222.200.28
23.227.146.18
23.48.9.103
23.52.8.247
23.54.45.11
2600:9000:250b:d200:1e:5cef:3780:93a1
2602:803:c002:200::32
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2607:4f00:927::2
2607:f350:3:2569:0:10:0:200c
2607:f350:3:2569:0:10:0:a
2607:f8b0:4004:c09::61
2607:f8b0:4004:c1f::9d
2607:f8b0:400d:c02::65
2607:f8b0:400d:c07::5e
2607:f8b0:400d:c07::84
2607:f8b0:400d:c07::8a
2607:f8b0:400d:c09::5f
2607:f8b0:400d:c0e::84
2620:100:a00b::12
2620:100:a00b::4
2620:112:f008:200::101
3.162.125.25
3.233.22.19
3.94.199.57
34.111.113.62
34.117.77.79
34.120.63.153
34.149.20.76
34.194.154.198
34.225.55.209
34.235.242.236
34.36.216.150
34.98.64.218
35.211.178.172
35.244.154.8
35.244.159.8
35.244.193.51
37.157.6.232
37.157.6.254
44.230.128.104
45.133.44.3
45.133.44.4
51.222.39.184
51.222.39.186
52.20.117.99
54.167.127.96
54.197.170.225
67.202.105.21
67.202.105.32
68.67.178.10
69.173.151.100
69.194.240.11
69.194.240.13
74.119.117.17
74.119.117.6
74.125.192.156
8.2.110.161
80.249.145.207
99.84.108.40
009c4930548a80395a31fac3d77d1daf87fb4d1db6d6314c9d5a99bab5440a56
010f69dae1a693c14cce28a8b9ef4b5e81b46906f47830154ac07364104ca855
027a2a1dc9044e78b8382a7522536ac3ac5a5401b148d7826e0f8eda3001cf2d
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc
04e5c562d911f2d392190ef781448dccb630cdf957905debb172a6e0dcc44a23
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0608c4bc80d365c8447bf71c0a2fa4af4b2001b0835439bdb155f236e4d3fb64
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
0912dbf6012a0d62a15ec713b0d0213eea75a10eb13216553dbb30b4041bef43
0b4133bf452814fdc44a3c343564f5650dd714ba6d8539992046f43dcb3ac663
0dd071ef6d196e3d9f264448aafa45fdc2f5c464f752891c8a08b3d40c65eba0
0e4c682db72fc7ea8d8f45e09d1b7d8166e91b98672108a846a7feef576f85f5
0fa4e429088ac8574a5e085bf11e77be832ba92b51774cf1c5fce8e93db8896e
1040fa907e0ebaaa288ff64b358517b7560aa2034494cf5f3efa9abf9872e1b5
115b63c2b73bc1f032ec2fab7ddf08e1ca129a04beef0f6a541c7d46bcd65995
119976944646a79019ce03beff913584eb2f12e344b1e549c58a0da61fb1e6c7
1659e90eb15df892ccb180e27406372da1c52dc15d14aa24cdc44b92d9b4d8ac
17e0e31c5107194c1453b58e4385789c70dc098eb64e2c693d84501805e2e423
17fb444a7769dca78894b7f76cbb6da04eb3468379f33973613d2b1ee18b4e6c
180815afd33f9658fa268f327ddaff2375d3e1730aae10094bab30c5cd995ce6
1a6e783c7e2af48381d95c4db69b5993e1739685576a16c7d70c8e76ef6058fb
1f9cc374f5801372c1c766d7d0bdfafe314420e5a5e0e03c34249653d55862d1
218c2cead85c9a06900401035d8635a8a6d7a349ba56d0b3e470af3cd33a425f
288090a9704b05fcefad2f6a294668d40e1443b339a7d9a60b7362eed2a016ae
289080fe99a1ac9072ca848dc835bb34da458d9416cc7032a77e799599d88df6
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2a98651c532a79df9855e2d54d346b70b8a7ba33192069e1a716cdb782e964e4
2ab715ba84b2354e7ca84b89b07f8bd205cc3d04a30a1f56726b01440b7f9130
2ce1b69b06e509223f4a267b45e7d790d6a79ca763f9ef19f1f0272fbab4e115
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
319165e7bdc788e7e671194290a717dd88fd234724dd3f584e4fe7208ef74110
31963252b2c1a2e61aaea4c8c2e0da3179d9baa7c32577343ff04b454ae10e6e
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126
327bcfa6fc42b9fd72385f5b28a856d2adb2c63db3a5eacfe64ccab0214d3fc3
332cc1656a1f3cb69667b27eb3cb60f25a201dc14c80d81e5cb3f4827bf277cd
336a25d31d729ad4223f664f1c0e4f82778979cb5ca97edd303d40241d6b272c
33c7af32c4a685abe5294ea570410cbd8705fb7ce333118303bca99dd362d064
3438aba5d51070c3e9a774447370836a103669de35fcb23d9be86ece5aac5195
34e0034fa3b8b119a32fcfe9c78613f133ee7b7fd45084742524623ca46e4223
355a0b321aaaa11c85e367560d028c01d3f7a51241f52d7975e3c48cf78c27eb
35ae3217a2320983ff3aa0cd0665dc5c32d8ed32400dd17dc5e7b82c8422333b
38c849b9211b719399d7d5cd01c940e9be99664ba7c4ee4a53abaf0b4ba644ac
398244f9d8401e4d575801f6184f7dada1516245232e78c1f895efee2ed185ed
3b179d2dd62da53b781f3dd37085436f25a63bb82fd6905778762443fb662993
3b789661c617022a70ee1c1216439498851ce40aeb33dce57048dccdc0485ee8
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cba9fdd1a29531658e8c18404bc0def47c47022388ea6a7aae034d87fa25fb6
3d97c7a354ee5666e22c59498be5331a0edee5d6f7527a58a5744f323173bc8d
3e3f80e70dd682f918168bd67111a66067f25d59058f0e452707df6fae29d65d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fbcc41762592c5998d66c59de2186feb90f36023d3fbf7314615b5048ba367d
40bc14b8cdbe439a52a8400448f4e1b4183e2a7fde6514caa9d1c75fe70f041e
4246773bd719653641f07789266b297678528be6670642823f0e9178bc3b3713
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
45c0c4becdf9a79709e86f0a410bb23b6c6a11dced99927ccdf07ff21469a772
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4969ca83182ce6221279b6aa8a5aad268bf61247c8ca404dc9e2b72801ef6853
4b4986408ba8dc5d9bb73c04ed24d5de571376f4400424fc1452e825a82d834e
4dabf439b51b89bd45422249bf9dcccb126d5a032ad19fcd8ae82fd1f24343e8
4dee6911447fc57b03d029275e9acd56d42b96832bc5a5b9545bbec6b35e7aaf
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f79c8bf6d892758b5bc5af40e470297db596343a41dd3c3dfa78eff2517a114
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52ca1b930916c7dd73c1ede8e466e960178724d6bb7bc88abc059468f4d9ce41
55b9a7dd08cc3bde8e3b7d7b7e75fdf427c65000dfaafc0a359e6b439ec4c9ff
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5ca9ab556f6dd776e0156b6d01e43f44215bbd54cade93a31c70ff1266401bf0
5f453b08230333dab9062630d91295ec2a924932d6f54c69889c0920ab79a5be
5f597ef8259257660c0aa221e84f24851c7f2d1d74b5ae1e05f84952e1996572
6019a08592a1549adf435b097ecef7b167b828f89f829c83e6e037ab38a1cde9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
66a2046e4e90d115d640f13193de7df0136f6d8e36993b6537af1955ff8a180d
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce
68e98730c03d1b069b6a105d16c08690e824eebe08e01ea1b983fcf582f7ceed
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4f5f33e523a7c0dcc092a2f06a6cdafb774eddbd7f9c4ea0255c4f713e853b
6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9
6fe40455d35f18ad6d7018c9afae941c96ee276318c1bb517ae6ff12c6eb227a
70eefb83f2a37646b42a1648460ad62acfb1a7d4f310e31ff0bb2a34500f24ce
77fc61c3eb0b5ebc7dec4ced9500e9617f6f01521292fc55b2a8fca497607246
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
789d560be25de17f684efd46f81cefe7189085104952e64132187fc3bfdd6187
78a137d5382f19aaea55e95b55e39a7829de05832714fc275d8a10312a3539d6
7a54289b2fea2723213d1b014e605a1f8ae3fd4ce32d7a0160e0121bcc50a350
7b75c7e6334b4479ba66025dd55a2c97dd99458faaa2d97a8c49749ddf4d3385
7c9d02dda53779480f00b064713508f99b7c7eccded1b3a298997169afcfd8b1
7db009532ba4cc3f4f7235f3c796f7ea21977b7c9a44fae919a3e5f8d0ce529a
7ef52ea8b5dc5b6a0c4782587f1016151a331c25ac93306e95ed12c06abba3ad
81ad599b03f27c2eb6913323bb5897bd52582c9e5196856ff7fbf96a7345bbcd
82932a8e8382473453096e4dfdd0223611789dafd09182838a79f8e34403b420
82c98a428ca69d9af95841f03e1a85311fe5a56f34babd91004d48b9cca7ddde
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
860199dcac91ea988c3591efd12b8e72dc8418e4381652ad8c67dd5ebbebf25c
861e014bae283b40af31c2c01838383194a292371353f18831a1823c620f3779
86837437cb45ee0a15a860678eebee8320ec33b32d67c0581650b00011475335
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e81fcac714f76272bbeb4872fed3a4b84410ed89fe0243acf406986a7611b27
8f201a4853af101005ac5435594ddcbe5702fb2076415c74e13c3d4d2cfbe94b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9039c64ec9d70f16161becd229473d939b36cb6b1ea204d96f513eb3e9e91f4e
93efd9d0cdc921da64302c19cd8d4f6ce0b83640be78ca7a38e30c7036882ec5
950eb1a580c233feef17d88ad4dd150a552529a86846234084bda9bf7f619fc6
97371c27cc246257f81839991c10834569156f1ec90012e95fa9954e5067ef87
994310b027de5fe426b01cd82ae5dae4f7262d84b5f0c63694614647f5295bd1
9a353438d03e09a997997ecdfd1ca66a686d907b4ee09e7ce5b95955eaf0f2a6
9bd6398f5976d92f6af3f268bb4bf8edf375dfc4aa72bdf4e1c1519e49343263
9db04040aea64bcdc60a5e54143d898298fe23fcb797bd919e346231ad2d6b44
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5a7bdded62a7346252b44830666659b38475a9f871f2b81d77f9ffe7bb94e8f
a603cd6cb560b99be54225a4bf3bfd0812326ea5dfc408ea58ed4537ab1cb32e
a66e8c3d2028293e84c41757d64e43495bd9ad5ed1e40c285e643546ab676ad4
a8582ebd34fb338f48523ed8d1879b77e5e56a2ce178747438e5715248700969
a9f47cc10ee05e8ed42f88016cfeb5b43049cdf2143bb9c5e8f06fdf95a5b76f
af664f64b475678e0d181c23dd6eca9ee45afd956d129a66c9e30910f2a985cf
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b489b52865ad9042ebb0bc8e4ddf18feb3f2d733c1db4d0ad87842a52dea8f8a
b570b085340427e69ff68c0e3901f2b0d112aa390582f3ec0b1a601417d69afe
b5c0875d9860fb693414d34f77a5aeadcef64715765f9435e72bcb5c6b6dc304
b802f6de7426c7fcc661bcaa45517a00ba919d3796890c087a6c784e6e702cd5
b8fd4fb1c608284050d7c2e099581125286c05ee8459484dd19eb413bf25f9ab
bbe6df5ce9e35ec2c1b0964d04d0f68d56f672bfe4dfdb062a1c9705249542b7
c02ce5fe27992abd43d486563e36e3291a1fec9776d03662907096f62363839c
c33a676bd3eea1fd7eeca62c44c0e0d2460ba87528b01add32cfb311d919cef2
c3a993ea1a5f364751eb44895dcc2467064af2c001a6baf03d28107010766a33
c3ddba19da5e96a10b2724c8c1145373b14ac719b6e1594a7b9af0e8055f58e3
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c5e1629c5fdb7d18753448f9095701331d3ece89f2e44513c517efaefd24610b
c6b2ab567a7a3b5d645f743a0ae12dc3b2433d1d32495cd80505a2e2f667e381
c92cede2f2b45aaf01e68d8aa61614fa0460abc47833ff744156f0cca4a5174f
c9d6b556603a6bcd87105b6989375bd1fa5f77a85c5c7c962e72f9e8f50b5fbe
ca23b8f96998a9a29aaaa26bdf77c57a6a24cc5aab6a6955e44f7d677fd7669f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc61a6743f4691333d1e3814f8aec6b0a34bf58637d019c1d26d89cd27a973ce
ce751a2c9b0935668c2261d017d788e2ae76c206aab05ac5a483e02bf9feb142
ced232c8b6b165ef0cb92272d25f07dc37d0a37b54932735a0bc3e5113132d85
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27
d353a8a4666462a51613e7fee9e54f82e2df527812682edaa04c05f55216646c
d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23
d5916e3b07f47ba2e0585a498732da9c321bff72b17d3008ce9eefe6b00e0b4f
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
dd29016f1b8ec8bbc13e15fc166baf9d0df59efb1022f14fc51397de41a210bc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e244cfd53c50023d8100e7736a26a8fb6786d87d58ae6d4635748ba9e8e57801
e248f491227cc984d8f9000ee4b4401bdeecef4720d39bb264f46b619421440e
e299ebc7e9d8ba28f03e84211b2cfb5d292eb455c0bc310522934894a8adc3b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b59585519199c1bc8626e4428c532f3495bf5500585cc636a675ce095906a2
e89e04007c3b2f1de030c03b393af88674a08cde2a9ec6b2a045d41089569865
e8ab8825e6e6251ba2de5049cec3e52882559f6b18767ab4277dc50b4992f7af
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ed5724159a8f6ac6e42d3a8b66fdc874b0a197c53368a09579cd67fdd5fcc094
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69cf0fbe1eeff80b06493bf62a3002464e00a7fada104a24c0a5d38c6bcf440
face3e985a023a9e6399eb3ebc9e7b49577c268e240a09d0d427dd99a50c086d
fb87eecb0593cade0e7232ef8caf2bdf1bb4bdc7678001783451fd59bda74c08
ff223a10d140f5151e83c047e58552373ff47585557512796add50d633ae398d