urlscan.io logo urlscan.io
SecurityTrails logo

heavy.com Open in urlscan Pro
192.0.66.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Effective URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Submission Tags: falconsandbox
Submission: On June 26 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 7 countries across 41 domains to perform 166 HTTP transactions. The main IP is 192.0.66.32, located in United States and belongs to AUTOMATTIC, US. The main domain is heavy.com.
TLS certificate: Issued by Network Solutions OV Server CA 2 on December 22nd 2020. Valid for: a year.
This is the only time heavy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 192.0.66.32 2635 (AUTOMATTIC)
2 151.101.193.26 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
3 143.204.98.29 16509 (AMAZON-02)
3 2600:9000:215... 16509 (AMAZON-02)
2 142.250.185.162 15169 (GOOGLE)
2 2600:9000:210... 16509 (AMAZON-02)
16 2600:9000:215... 16509 (AMAZON-02)
1 143.204.98.27 16509 (AMAZON-02)
1 65.9.77.3 16509 (AMAZON-02)
1 3 65.9.77.122 16509 (AMAZON-02)
1 65.9.77.91 16509 (AMAZON-02)
1 3.142.157.144 16509 (AMAZON-02)
8 151.139.128.11 20446 (HIGHWINDS3)
7 34.246.73.180 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
2 34.95.69.49 15169 (GOOGLE)
1 151.101.14.137 54113 (FASTLY)
4 18.235.17.58 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 52.44.237.179 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
20 2.16.186.139 20940 (AKAMAI-ASN1)
4 52.70.33.53 14618 (AMAZON-AES)
1 75.101.235.47 14618 (AMAZON-AES)
2 2.18.233.180 16625 (AKAMAI-AS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
1 52.57.10.248 16509 (AMAZON-02)
2 11 2.18.234.21 16625 (AKAMAI-AS)
1 2 185.86.137.17 201081 (SMARTADSE...)
12 35.244.159.8 15169 (GOOGLE)
2 18.197.54.206 16509 (AMAZON-02)
2 23.37.38.181 16625 (AKAMAI-AS)
4 213.19.147.42 3356 (LEVEL3)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 2 52.46.130.13 16509 (AMAZON-02)
3 76.223.111.131 16509 (AMAZON-02)
6 8 142.250.185.66 15169 (GOOGLE)
1 1 185.183.112.155 60350 (VP)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 173.231.181.122 29791 (VOXEL-DOT...)
1 52.55.122.95 14618 (AMAZON-AES)
1 52.45.125.207 14618 (AMAZON-AES)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 185.29.132.69 30419 (MEDIAMATH...)
2 2 2620:116:800d... 16509 (AMAZON-02)
4 4 37.157.2.237 198622 (ADFORM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
166 54
16    192.0.66.32 (United States)

ASN2635 (AUTOMATTIC, US)
heavy.com
2    151.101.193.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
3    143.204.98.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net
ads.adthrive.com
3    2600:9000:2156:4200:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr-wrapper.privacymanager.io
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2600:9000:2104:800:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr.privacymanager.io
16    2600:9000:2156:5400:a:b6fc:9800:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr-consent-tool.privacymanager.io
1    143.204.98.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-27.fra50.r.cloudfront.net
logger.adthrive.com
1    65.9.77.3 (United States)

ASN16509 (AMAZON-02, US)
certify-js.alexametrics.com
3    65.9.77.122 (United States)

ASN16509 (AMAZON-02, US)
sb.scorecardresearch.com
1    65.9.77.91 (United States)

ASN16509 (AMAZON-02, US)
certify.alexametrics.com
1    3.142.157.144 (Columbus, United States)

ASN16509 (AMAZON-02, US)
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
8    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
7    34.246.73.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
trends.revcontent.com
1    2600:9000:2190:1400:19:f03c:7200:21 (United States)

ASN16509 (AMAZON-02, US)
d1bvk193qme2fc.cloudfront.net
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
i.clean.gg
1    151.101.14.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.ex.co
4    18.235.17.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
prd-collector-anon.ex.co
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
1    52.44.237.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
atrack.avplayer.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
20    2.16.186.139 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
mcd.ex.co
4    52.70.33.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
1    75.101.235.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
premiumsrv.aniview.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
secure-assets.rubiconproject.com
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    52.57.10.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
11    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
js-sec.indexww.com
2    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
www9.smartadserver.com
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
playbuzzltd-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
2    18.197.54.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prebid-server.rubiconproject.com
2    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
8    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
1    185.183.112.155 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    52.55.122.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
1    52.45.125.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.aniview.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    185.29.132.69 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
Apex Domain
Subdomains		 Transfer
25 ex.co
player.ex.co
prd-collector-anon.ex.co
mcd.ex.co
2 MB
21 privacymanager.io
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
gdpr-consent-tool.privacymanager.io
511 KB
16 heavy.com
heavy.com
329 KB
15 revcontent.com
assets.revcontent.com
trends.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
176 KB
12 openx.net
playbuzzltd-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
3 KB
11 casalemedia.com
ssum.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
9 KB
11 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
139 KB
8 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
prebid-server.rubiconproject.com
token.rubiconproject.com
22 KB
8 aniview.com
player.aniview.com
track1.aniview.com
premiumsrv.aniview.com
sync.aniview.com
190 KB
4 adform.net
c1.adform.net
2 KB
4 1rx.io
tag.1rx.io
660 B
4 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
20 KB
4 adthrive.com
ads.adthrive.com
logger.adthrive.com
219 KB
3 adsrvr.org
match.adsrvr.org
793 B
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 google-analytics.com
www.google-analytics.com
19 KB
2 quantserve.com
pixel.quantserve.com
997 B
2 mathtag.com
sync.mathtag.com
1 KB
2 indexww.com
js-sec.indexww.com
3 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
961 B
2 smartadserver.com
www9.smartadserver.com
1 KB
2 avplayer.com
player.avplayer.com
atrack.avplayer.com
71 KB
2 clean.gg
i.clean.gg
104 B
2 alexametrics.com
certify-js.alexametrics.com
certify.alexametrics.com
3 KB
2 wp.com
stats.wp.com
pixel.wp.com
3 KB
2 ytimg.com
i.ytimg.com
48 KB
2 polyfill.io
polyfill.io
709 B
1 onesignal.com
cdn.onesignal.com
3 KB
1 adentifi.com
rtb.adentifi.com
88 B
1 adgrx.com
cm.adgrx.com
408 B
1 rfihub.com
p.rfihub.com
778 B
1 adotmob.com
sync.adotmob.com
689 B
1 advertising.com
pixel.advertising.com
1 googletagservices.com
www.googletagservices.com
24 KB
1 gstatic.com
fonts.gstatic.com
15 KB
1 googleapis.com
fonts.googleapis.com
644 B
1 cloudfront.net
d1bvk193qme2fc.cloudfront.net
36 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 gravatar.com
secure.gravatar.com
3 KB
1 google.de
www.google.de
107 B
1 google.com
www.google.com
107 B
166 41
Domain Requested by
20 mcd.ex.co heavy.com
player.avplayer.com
16 gdpr-consent-tool.privacymanager.io gdpr.privacymanager.io
gdpr-consent-tool.privacymanager.io
16 heavy.com 1 redirects heavy.com
8 cm.g.doubleclick.net 6 redirects u.openx.net
7 trends.revcontent.com assets.revcontent.com
d1bvk193qme2fc.cloudfront.net
5 images.revcontent.com
4 c1.adform.net 4 redirects
4 us-u.openx.net u.openx.net
4 eu-u.openx.net u.openx.net
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
4 tag.1rx.io player.aniview.com
4 eus.rubiconproject.com heavy.com
eus.rubiconproject.com
4 track1.aniview.com player.aniview.com
4 prd-collector-anon.ex.co player.ex.co
3 ssum-sec.casalemedia.com ssum.casalemedia.com
js-sec.indexww.com
3 match.adsrvr.org ssum.casalemedia.com
u.openx.net
3 sb.scorecardresearch.com 1 redirects heavy.com
3 gdpr-wrapper.privacymanager.io ads.adthrive.com
gdpr.privacymanager.io
3 ads.adthrive.com heavy.com
ads.adthrive.com
3 www.google-analytics.com heavy.com
www.google-analytics.com
2 pixel.quantserve.com 2 redirects
2 sync.mathtag.com 2 redirects
2 u.openx.net heavy.com
2 js-sec.indexww.com heavy.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 htlb.casalemedia.com player.aniview.com
2 prebid-server.rubiconproject.com player.aniview.com
2 playbuzzltd-d.openx.net player.aniview.com
2 www9.smartadserver.com 1 redirects
2 ssum.casalemedia.com 1 redirects heavy.com
2 ads.pubmatic.com heavy.com
2 player.aniview.com heavy.com
2 i.clean.gg d1bvk193qme2fc.cloudfront.net
2 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
gdpr-consent-tool.privacymanager.io
2 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
2 i.ytimg.com heavy.com
2 polyfill.io heavy.com
1 cdn.onesignal.com d1bvk193qme2fc.cloudfront.net
1 token.rubiconproject.com
1 sync.aniview.com ssum.casalemedia.com
1 rtb.adentifi.com ssum.casalemedia.com
1 cm.adgrx.com ssum.casalemedia.com
1 p.rfihub.com 1 redirects
1 sync.adotmob.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 hbopenbid.pubmatic.com player.aniview.com
1 pixel.advertising.com heavy.com
1 secure-assets.rubiconproject.com 1 redirects
1 premiumsrv.aniview.com player.aniview.com
1 www.googletagservices.com d1bvk193qme2fc.cloudfront.net
1 atrack.avplayer.com
1 player.avplayer.com d1bvk193qme2fc.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com heavy.com
1 player.ex.co d1bvk193qme2fc.cloudfront.net
1 cdn.revcontent.com
1 img.revcontent.com
1 d1bvk193qme2fc.cloudfront.net assets.revcontent.com
1 assets.revcontent.com heavy.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1 certify.alexametrics.com
1 certify-js.alexametrics.com heavy.com
1 logger.adthrive.com ads.adthrive.com
1 secure.gravatar.com
1 www.google.de heavy.com
1 www.google.com heavy.com
1 pixel.wp.com heavy.com
1 stats.g.doubleclick.net www.google-analytics.com
1 stats.wp.com heavy.com
166 69
Subject Issuer Validity Valid
*.heavy.com
Network Solutions OV Server CA 2		 2020-12-22 -
2022-01-22		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.adthrive.com
Amazon		 2020-08-02 -
2021-09-02		 a year crt.sh
*.privacymanager.io
Amazon		 2020-10-24 -
2021-11-23		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2020-09-10 -
2021-10-10		 a year crt.sh
assets.revcontent.com
R3		 2021-05-14 -
2021-08-12		 3 months crt.sh
revcontent.com
Amazon		 2020-07-08 -
2021-08-08		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
img.revcontent.com
R3		 2021-05-15 -
2021-08-13		 3 months crt.sh
cdn.revcontent.com
R3		 2021-05-16 -
2021-08-14		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2021-05-01 -
2021-07-30		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2020-12-27 -
2022-01-28		 a year crt.sh
images.revcontent.com
R3		 2021-05-14 -
2021-08-12		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
outstreamedia.com
R3		 2021-05-25 -
2021-08-23		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh

This page contains 15 frames:

Primary Page: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Frame ID: F1838FB62222EFBFAB69C1070FCBD731
Requests: 109 HTTP requests in this frame

Frame: https://gdpr-consent-tool.privacymanager.io/1/index.html
Frame ID: E4FFD5A154C4AFE0219E438D34D0E346
Requests: 17 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: E82301945C76E42B7D7E51ABB24F5045
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D1%26key%3D
Frame ID: 3C52DE6E6B2DA2FA1A2CDFA758CD334D
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: A060A868520B333160668AA035D7E0DE
Requests: 3 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 1D3148767B5A21D6ADB0A1C9D106300B
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Frame ID: 70A3E97C18E9734F3CCE675DB79D6974
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 63C60D0FCB855E13E28E72E92A030D80
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 86F8B551B58337FC5E13B70BBA8314F6
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8AAA770F59AB42170DB47BE5F9C9DAC3
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 44E7F3166471B595CC45A9C80DB649B3
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 595294B22413AD320C50B27859829563
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DE8DD5A45EEFC5E8591F2A90934B2AF2
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://heavy.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 015F21D9AF42AFDDE00C3D230A3A662A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://heavy.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 021693C42077CCE158C72AC29EDFD96C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lott... HTTP 301
    https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lott... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

166
Requests

99 %
HTTPS

29 %
IPv6

41
Domains

69
Subdomains

54
IPs

7
Countries

4235 kB
Transfer

8239 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/ HTTP 301
    https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&ns__t=1624727438673&ns_c=UTF-8&cv=3.5&c8=Mavis%20Wanczyk%3A%205%20Fast%20Facts%20You%20Need%20to%20Know%20%7C%20Heavy.com&c7=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1624727438673&ns_c=UTF-8&cv=3.5&c8=Mavis%20Wanczyk%3A%205%20Fast%20Facts%20You%20Need%20to%20Know%20%7C%20Heavy.com&c7=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&c9=
Request Chain 115
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 117
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Request Chain 118
  • https://www9.smartadserver.com/ac?siteid=338398&pgid=1184784&fmtid=86422&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=860076188772010257&pgdomain=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&vph=143&vpw=253&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00001qMZJwQAO,1,,Rev%20Content,heavy.com&cbb=4727442267 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=338398&pgid=1184784&fmtid=86422&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=860076188772010257&pgdomain=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&vph=143&vpw=253&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00001qMZJwQAO%2C1%2C%2CRev+Content%2Cheavy.com&cbb=4727442267&cklb=1
Request Chain 135
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNdfkgjvyxG9Z3Q1bo-oDwAABHQAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNdfkgjvyxG9Z3Q1bo-oDwAABHQAAAAB&dcc=t
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNdfkgjvyxG9Z3Q1bo-oDwAABHQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNdfkgjvyxG9Z3Q1bo-oDwAABHQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPgFtMhSn1dKc8hOkrorYt8&google_cver=1
Request Chain 138
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNdfkgjvyxG9Z3Q1bo.oDwAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNdfkgjvyxG9Z3Q1bo.oDwAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGRctpCzXQeO3cAKfdVyKCg&google_cver=1&gdpr=1&google_hm=2
Request Chain 139
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=066522040714899a90203ddc&expiration=[EXPIRATION]&gdpr=1
Request Chain 140
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471596222687271
Request Chain 152
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d34760d7-5f92-4e00-a871-5bd2f1431c14
Request Chain 153
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=W8ZzmliQLp5AxC6dX5I6mAuVJclAxiKaVcBEkROf
Request Chain 154
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1307826129709817480
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPXkyu1Iy8PCi1yHUoNraA8&google_cver=1
Request Chain 158
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=31f560d7-5f92-4500-b0db-038f5d45f16f
Request Chain 159
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wvtTNMGtDjDZ-Q4xwvsaM8H-UWHZrVJmwvqYgl0_
Request Chain 160
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3749648153260577280
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPXkyu1Iy8PCi1yHUoNraA8&google_cver=1

166 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Redirect Chain
  • http://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
  • https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
205 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
bdd478688e31a747306c6c07fe5599b06b045c7f2901b5b9a853c0f4d3565f0b

Request headers

:method
GET
:authority
heavy.com
:scheme
https
:path
/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Sat, 26 Jun 2021 17:10:34 GMT
content-type
text/html; charset=UTF-8
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://heavy.com/wp-json/>; rel="https://api.w.org/" <https://heavy.com/wp-json/wp/v2/posts/1546745>; rel="alternate"; type="application/json" <https://heavy.com/?p=1546745>; rel=shortlink
content-encoding
gzip
x-rq
ams5 102 61 3125
cache-control
max-age=300, must-revalidate
age
0
x-cache
miss
vary
Accept-Encoding
accept-ranges
bytes

Redirect headers

Server
nginx
Date
Sat, 26 Jun 2021 17:10:34 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
mavis-wanczyk-e1503598524940.jpg
heavy.com/wp-content/uploads/2017/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2017/08/mavis-wanczyk-e1503598524940.jpg?quality=65&strip=all&w=585
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d42596eb04af011a4f008dcd02a138297efc5f6d9d4798f19db15b1b7a2fbd02

Request headers

:path
/wp-content/uploads/2017/08/mavis-wanczyk-e1503598524940.jpg?quality=65&strip=all&w=585
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
x-rq
ams5 109 88 443
last-modified
Sat, 26 Jun 2021 17:10:35 GMT
server
nginx
etag
"b4c5f0fe54b7d32a"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9004
expires
Sun, 26 Jun 2022 17:10:35 GMT
polyfill.min.js
polyfill.io/v3/ 		72 B
565 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=default%2CArray.prototype.find%2CIntersectionObserver%2CIntersectionObserverEntry%2CPromise%2Cfetch%2CElement.prototype.closest
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1001293
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Tue, 15 Jun 2021 02:39:29 GMT
date
Sat, 26 Jun 2021 17:10:35 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
iolazy.min.js
heavy.com/wp-content/themes/heavy/assets/dist/vendor/iolazy/ 		2 KB
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/iolazy/iolazy.min.js?ver=1623179100
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3bef51fe56f26bd5e2c23de215cc8b5bfe8bdbe752ac0dff1263f3bf38b5c8f

Request headers

:path
/wp-content/themes/heavy/assets/dist/vendor/iolazy/iolazy.min.js?ver=1623179100
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
content-encoding
gzip
x-rq
ams5 102 87 3147
last-modified
Tue, 08 Jun 2021 19:04:58 GMT
server
nginx
age
440486
etag
W/"60bfbf5a-768"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
782
expires
Sun, 26 Jun 2022 17:10:35 GMT
main.js
heavy.com/wp-content/themes/heavy/assets/dist/js/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/js/main.js?ver=1623179100
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
91a2212c47b6ee6557bff3503bac1d5da5a744a8695e2f3f05483adef1cdd665

Request headers

:path
/wp-content/themes/heavy/assets/dist/js/main.js?ver=1623179100
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
content-encoding
gzip
x-rq
ams5 96 234 3206
last-modified
Tue, 08 Jun 2021 19:05:01 GMT
server
nginx
age
440485
etag
W/"60bfbf5d-872b"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9598
expires
Sun, 26 Jun 2022 17:10:35 GMT
print.css
heavy.com/wp-content/themes/heavy/assets/dist/css/ 		699 B
485 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/css/print.css?ver=1623179100
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b925b10658e33e914afb403288724c44a82441e1bba11b3112c9e4e560dfe378

Request headers

:path
/wp-content/themes/heavy/assets/dist/css/print.css?ver=1623179100
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
content-encoding
gzip
x-rq
ams5 103 24 3195
last-modified
Mon, 10 May 2021 17:03:28 GMT
server
nginx
age
440485
etag
W/"60996760-2bb"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
381
expires
Sun, 26 Jun 2022 17:10:35 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
5930
date
Sat, 26 Jun 2021 15:31:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Sat, 26 Jun 2021 17:31:45 GMT
polyfill.min.js
polyfill.io/v3/ 		72 B
144 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=default%2CArray.prototype.find%2CIntersectionObserver%2CIntersectionObserverEntry%2CPromise%2Cfetch%2CElement.prototype.closest
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1001293
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Tue, 15 Jun 2021 02:39:29 GMT
date
Sat, 26 Jun 2021 17:10:35 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
hqdefault.jpg
i.ytimg.com/vi/7kWnqvJM1mM/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/7kWnqvJM1mM/hqdefault.jpg
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
994e1f335c8d6049d4ed6cd0e51bc405f6af893be452182cccf92acac046de89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
x-content-type-options
nosniff
server
sffe
etag
"1503596583"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21749
x-xss-protection
0
expires
Sat, 26 Jun 2021 19:10:35 GMT
hqdefault.jpg
i.ytimg.com/vi/mE6hyCz47hI/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/mE6hyCz47hI/hqdefault.jpg
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8953087e8f4a44b9f406cb4ef4595ee905fe92165d28c13768e6502b334e8cb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
x-content-type-options
nosniff
server
sffe
etag
"1503598901"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26770
x-xss-protection
0
expires
Sat, 26 Jun 2021 19:10:35 GMT
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b76c15fe6a03e5aed60f3991681a4dcdce745d04051a7816925eac6bb748a9e1

Request headers

Origin
https://heavy.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff
poppins-v5-latin-ext_latin-regular.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/poppins-v5-latin-ext_latin-regular.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
091bb0de0a818620d0fa529df0edee88a5ac2244b5396edbac0a527035cf4af7

Request headers

:path
/wp-content/themes/heavy/assets/dist/vendor/fonts/poppins-v5-latin-ext_latin-regular.woff2
pragma
no-cache
origin
https://heavy.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://heavy.com
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
x-rq
ams5 101 93 3147
last-modified
Fri, 07 May 2021 15:41:00 GMT
server
nginx
age
212
etag
"60955f8c-28e0"
vary
X-Mobile-Class, Accept-Encoding
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
10464
expires
Sun, 26 Jun 2022 17:10:35 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=564290067&t=pageview&_s=1&dl=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&ul=en-us&de=UTF-8&dt=Mavis%20Wanczyk%3A%205%20Fast%20Facts%20You%20Need%20to%20Know%20%7C%20Heavy.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=578891080&gjid=962316148&cid=58653226.1624727436&tid=UA-1995064-1&_gid=727575354.1624727436&_r=1&_slc=1&cd1=tomwcleary46%20&cd2=news%20&cd3=5-fast-facts%20breaking-news%20massachusetts%20powerball%20&z=1604860576
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga.min.js
heavy.com/wp-content/themes/heavy/plugins/google-analytics/ 		889 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/plugins/google-analytics/ga.min.js?ver=1620477327
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
83edd49c75612c0bbbf5565072adde4e188adf5d1005ca57ed9582cdd6e445f8

Request headers

:path
/wp-content/themes/heavy/plugins/google-analytics/ga.min.js?ver=1620477327
pragma
no-cache
cookie
_ga=GA1.2.58653226.1624727436; _gid=GA1.2.727575354.1624727436; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
content-encoding
gzip
x-rq
ams5 101 93 3147
last-modified
Fri, 07 May 2021 15:41:00 GMT
server
nginx
age
440419
etag
W/"60955f8c-379"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
449
expires
Sun, 26 Jun 2022 17:10:35 GMT
lazy-embeds.js
heavy.com/wp-content/plugins/xcurrent/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/plugins/xcurrent/assets/js/lazy-embeds.js?ver=c57591c3b029b4b1757c6f977f46cdb0
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e61a580a9c77e2d4074d6e4ccfbf54a1185a7d881a75e4148456e1857cfd1a6a

Request headers

:path
/wp-content/plugins/xcurrent/assets/js/lazy-embeds.js?ver=c57591c3b029b4b1757c6f977f46cdb0
pragma
no-cache
cookie
_ga=GA1.2.58653226.1624727436; _gid=GA1.2.727575354.1624727436; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
content-encoding
gzip
x-rq
ams5 102 61 3125
last-modified
Sat, 08 May 2021 12:35:27 GMT
server
nginx
age
440486
etag
W/"6096858f-3081"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4190
expires
Sun, 26 Jun 2022 17:10:35 GMT
e-202125.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202125.js
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams
date
Sat, 26 Jun 2021 17:10:35 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 12 Jun 2022 22:51:42 GMT
lazy-embeds.css
heavy.com/wp-content/plugins/xcurrent/assets/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/plugins/xcurrent/assets/css/lazy-embeds.css?ver=0.1.4
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d8b1d4dcdcc05db5061f9fb013537608572a60aba2230b47ffa3541fcd6aaeae

Request headers

:path
/wp-content/plugins/xcurrent/assets/css/lazy-embeds.css?ver=0.1.4
pragma
no-cache
cookie
_ga=GA1.2.58653226.1624727436; _gid=GA1.2.727575354.1624727436; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
content-encoding
gzip
x-rq
ams5 102 131 3151
last-modified
Mon, 21 Jun 2021 14:40:06 GMT
server
nginx
age
439419
etag
W/"60d0a4c6-2393"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2386
expires
Sun, 26 Jun 2022 17:10:35 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-1995064-1&cid=58653226.1624727436&jid=578891080&gjid=962316148&_gid=727575354.1624727436&_u=YEBAAEAAAAAAAC~&z=1614977782
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 26 Jun 2021 17:10:35 GMT
content-type
text/plain
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.8.1&blog=176147951&post=1546745&tz=-4&srv=heavy.com&host=heavy.com&ref=&fcp=916&rand=0.8006026389437513
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
truncated
/ 		226 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9712ef9ac052eae2bda8044101fa925f05aabe2c2f7619b021d1f2925abeb132

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-1995064-1&cid=58653226.1624727436&jid=578891080&_u=YEBAAEAAAAAAAC~&z=1609437965
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-1995064-1&cid=58653226.1624727436&jid=578891080&_u=YEBAAEAAAAAAAC~&z=1609437965
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=564290067&t=event&_s=2&dl=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&ul=en-us&de=UTF-8&dt=Mavis%20Wanczyk%3A%205%20Fast%20Facts%20You%20Need%20to%20Know%20%7C%20Heavy.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Author%20Pageview&ea=Tom%20Cleary&el=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=58653226.1624727436&tid=UA-1995064-1&_gid=727575354.1624727436&cd1=tomwcleary46%20&cd2=news%20&cd3=5-fast-facts%20breaking-news%20massachusetts%20powerball%20&z=555105328
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 15:42:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5265
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
db4f92d64f29b8828a96f72740e9578a
secure.gravatar.com/avatar/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/db4f92d64f29b8828a96f72740e9578a?s=71&d=mm&r=pg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e24977673fa7e6020ba6a2fee6eeab33de641af9ddf8f44bbe702c67d7494938

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 26 Jun 2021 17:10:35 GMT
last-modified
Mon, 23 Feb 2015 20:28:26 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="db4f92d64f29b8828a96f72740e9578a.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/db4f92d64f29b8828a96f72740e9578a?s=71&d=mm&r=pg>; rel="canonical"
content-length
2348
expires
Sat, 26 Jun 2021 17:15:35 GMT
mavis-wanczyk-3.jpg
heavy.com/wp-content/uploads/2017/08/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2017/08/mavis-wanczyk-3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9e40a50299d8138104fc0f17767757ff98681929e3a1ed90f38f02e8d8b92efe

Request headers

:path
/wp-content/uploads/2017/08/mavis-wanczyk-3.jpg
pragma
no-cache
cookie
_ga=GA1.2.58653226.1624727436; _gid=GA1.2.727575354.1624727436; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:35 GMT
x-rq
ams5 109 84 443
last-modified
Mon, 04 Nov 2019 08:07:15 GMT
server
nginx
etag
"ab42b8a5a172d7e2"
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
78593
expires
Sun, 26 Jun 2022 17:10:35 GMT
ads.min.js
ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ads.min.js?threshold=78
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-29.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
3a8350bb64801d45c4d9ace04464d2d87d67c441cb8d63017933f1ad999bd959

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

adthrive-bucket
flex-05:con
date
Fri, 25 Jun 2021 21:01:42 GMT
content-encoding
gzip
adthrive-deployment
ad-1053:pr1669:flex-05:c3c2df0:con
age
72534
adthrive-commit
4f9bcd2
x-cache
Hit from cloudfront
content-length
7715
adthrive-pathname
server
CloudFront
vary
Accept-Encoding,Referer
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-pop
FRA50-C1
access-control-allow-origin
*
x-amz-cf-id
8fIMUZsl1TI0inyv55BlhZIpIx-trf3r4B-exJJPkdOXV9kvJFuHcg==
adthrive-hostname
heavy.com
adthrive.min.js
ads.adthrive.com/builds/core/4f9bcd2/js/ 		376 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/4f9bcd2/js/adthrive.min.js?threshold=0&deployment=ad-1053:pr1669:flex-05:c3c2df0:con&cb=1624727436805
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ads.min.js?threshold=78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-29.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1b260b592fc81d39065eed1b5756a3f449b8331e9547a8495db921a3d5484de

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 03:32:09 GMT
content-encoding
gzip
server
CloudFront
age
49107
etag
"368aa855f0c6824a6a21d152dd5cfd94"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-pop
FRA50-C1
content-length
88986
x-amz-cf-id
kZZILrJf9GCjoobqhOlVf4IXpG-GMl42_j0g_JFOFhHiAhWXwdEzNw==
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ 		406 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/4f9bcd2/js/adthrive.min.js?threshold=0&deployment=ad-1053:pr1669:flex-05:c3c2df0:con&cb=1624727436805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf64b24d1e695f8e3c05db08ac114516bf4520b2954d90caf18fa20ba3dc6919

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 17:12:16 GMT
content-encoding
gzip
age
86301
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Thu, 03 Jun 2021 13:29:41 GMT
server
AmazonS3
etag
W/"404631a3b7757b4211ad165a3ddb2758"
vary
Accept-Encoding
x-amz-version-id
zx_6m5gG2bCkLdhvUi3OtMfPa4r7tSOM
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
T8RjJoCMZPF84fYZFWIfZ0bHrBNfLezMo4TVnevXcRrV7udfcQ8iqA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/4f9bcd2/js/adthrive.min.js?threshold=0&deployment=ad-1053:pr1669:flex-05:c3c2df0:con&cb=1624727436805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
3402776a33a86697fbb5c364616233576bb1f0d8a79a8fb5577e4de59224c028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"913 / 962 of 1000 / last-modified: 1624658963"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23731
x-xss-protection
0
expires
Sat, 26 Jun 2021 17:10:36 GMT
prebid.min.js
ads.adthrive.com/builds/core/4f9bcd2/gdpr/vendor/prebid/ 		396 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/4f9bcd2/gdpr/vendor/prebid/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/4f9bcd2/js/adthrive.min.js?threshold=0&deployment=ad-1053:pr1669:flex-05:c3c2df0:con&cb=1624727436805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-29.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03b199058f235d8279ad17ff8a744b2e24e15ad3fa5d3a1d6203e053fa5f03a8

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ef5vKlL06ywMvWlWVfzIcGU.G5rQDMzg
content-encoding
gzip
last-modified
Wed, 23 Jun 2021 12:53:20 GMT
server
AmazonS3
age
2886
etag
W/"fa6260247ec8118edf6c0b3294d41a52"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sat, 26 Jun 2021 16:22:30 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
WVqJQ0VdMAZZ3vU2xL_RH2_zvDyfPspbNoHN5I4JE1sKMkTEpMj4Gg==
gdpr.bundle.js
gdpr.privacymanager.io/1/ 		178 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr.privacymanager.io/1/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:800:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c97fa680ab8feab09e2d28bdad2af0e0882e645914192285ed125b45474e9519

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 26 Jun 2021 16:28:35 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:27:56 GMT
server
AmazonS3
age
2522
etag
W/"22f0bd0cbd46a1955a55eb87282c9d46"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
W7yB1.UgaEceRQmAW3RsVGdfCwIrj73e
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
AMS1-C1
content-type
application/x-javascript
x-amz-cf-id
zEGw8rmI6ppOUymucpPv6M9n52RJ2TUDsLC1SfOTGJgu35v1MvFpyg==
pubads_impl_2021062205.js
securepubads.g.doubleclick.net/gpt/ 		326 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
e4fb5243d8f71436420d15fbf9dbc1b5b2d7b96d1e186d7f24c8a143ae2de492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Jun 2021 16:13:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116215
x-xss-protection
0
expires
Sat, 26 Jun 2021 17:10:37 GMT
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Protocol
H2
Server
2600:9000:2156:4200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://heavy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Fri, 25 Jun 2021 17:12:16 GMT
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-allow-headers
content-type
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
wTvnuej-29cLu8RQB7tyb0hOlZg954HOQ2dZfImcYTjnUkJ6ZAAgGw==
age
86302
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ 		61 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
181f0d62049815430c888f34ae443e5da2f467fec12a45739034900704b19940

Request headers

Accept
application/json
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-amz-version-id
2pgBpESxgXC05K58ncdPG4V5jAqmhTee
content-encoding
gzip
etag
W/"e5f93feca2fa84e338823f24c5ed1d98"
age
3495
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Fri, 25 Jun 2021 17:06:19 GMT
server
AmazonS3
date
Sat, 26 Jun 2021 16:12:23 GMT
access-control-allow-methods
GET
content-type
application/json
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
zhibsnpXTOp6E6E3IqRkY_mNVyIJsIOjegDPK7Dop-5Pv9hTdF7Mdw==
index.html
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		1 KB
1015 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/index.html
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c

Request headers

:method
GET
:authority
gdpr-consent-tool.privacymanager.io
:scheme
https
:path
/1/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heavy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

content-type
text/html
date
Thu, 24 Jun 2021 10:26:58 GMT
last-modified
Thu, 24 Jun 2021 10:26:37 GMT
etag
W/"b8061b8850e21ea20dba03d10b1747ea"
x-amz-server-side-encryption
AES256
cache-control
must-revalidate,public,max-age=604800
x-amz-version-id
cfbfGhigK_jxE103XvgwMeoLgo7V6WhR
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
qZuidHmB9EbjktiWd71xeER9DrTYFJlRdxEVOgnHSLuBYZgS08C46w==
age
197020
error
logger.adthrive.com/ 		21 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/error?siteId=5ad7479721520f50ab7da88e&siteName=Heavy&bucket=flex-05%3Acon&branch=4f9bcd2&deployment=ad-1053%3Apr1669%3Aflex-05%3Ac3c2df0%3Acon&message=index%3A%3Aload&pageurl=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&body=%5B%7B%22name%22%3A%22Error%22%2C%22message%22%3A%22Cannot%20inject%20the%20dependency%20at%20position%20%230%20of%20%5C%22e%5C%22%20constructor.%20Reason%3A%5Cn%20%20%20%20Cannot%20inject%20the%20dependency%20at%20position%20%234%20of%20%5C%22e%5C%22%20constructor.%20Reason%3A%5Cn%20%20%20%20%20%20%20%20Cannot%20read%20property%20%27getItem%27%20of%20null%22%2C%22stack%22%3A%22Error%3A%20Cannot%20inject%20the%20dependency%20at%20position%20%230%20of%20%5C%22e%5C%22%20constructor.%20Reason%3A%5Cn%20%20%20%20Cannot%20inject%20the%20dependency%20at%20position%20%234%20of%20%5C%22e%5C%22%20constructor.%20Reason%3A%5Cn%20%20%20%20%20%20%20%20Cannot%20read%20property%20%27getItem%27%20of%20null%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4f9bcd2%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%26deployment%3Dad-1053%3Apr1669%3Aflex-05%3Ac3c2df0%3Acon%26cb%3D1624727436805%3A17%3A60539%5Cn%20%20%20%20at%20Array.map%20(%3Canonymous%3E)%5Cn%20%20%20%20at%20e.construct%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4f9bcd2%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%26deployment%3Dad-1053%3Apr1669%3Aflex-05%3Ac3c2df0%3Acon%26cb%3D1624727436805%3A17%3A59948)%5Cn%20%20%20%20at%20e.resolveRegistration%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4f9bcd2%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%26deployment%3Dad-1053%3Apr1669%3Aflex-05%3Ac3c2df0%3Acon%26cb%3D1624727436805%3A17%3A57296)%5Cn%20%20%20%20at%20e.resolve%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4f9bcd2%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%26deployment%3Dad-1053%3Apr1669%3Aflex-05%3Ac3c2df0%3Acon%26cb%3D1624727436805%3A17%3A55624)%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4f9bcd2%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%26deployment%3Dad-1053%3Apr1669%3Aflex-05%3Ac3c2df0%3Acon%26cb%3D1624727436805%3A17%3A370397%22%7D%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/4f9bcd2/js/adthrive.min.js?threshold=0&deployment=ad-1053:pr1669:flex-05:c3c2df0:con&cb=1624727436805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-27.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:38 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 16:17:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"711ef07ada64abbd94e9099392aa8d74"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
21
x-amz-cf-id
RzDdTwq3jVj6V0DQIc6rV9jtIpxcXLraGGBXS_VwLBfx9NvaFjfouA==
styles.css
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		91 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/styles.css
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4efe1d16c96feabd364e4d7e76594375fe14baa82f39c3175495e30cad984721

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Jun 2021 10:26:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:26:53 GMT
server
AmazonS3
age
197020
etag
W/"0bc4b0394aaddb6982a46cc04faad633"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
B6KKRZbPIYBYXRVsrXtVgM5Y1brWHXzI
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
5RsS5gUMabRqpJ8o5KwTnlsaA75WUrraQmqTI882dNdx7GjAEalFOw==
openSans.css
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/openSans.css
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1914ca42bb572803bbfc1d0b2ace7e247e468872f699b3a2558e3f68cb214844

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Jun 2021 10:26:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:26:53 GMT
server
AmazonS3
age
197020
etag
W/"d019db8cca1375f50efd3f2c0c2d8677"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
SFrEQyum2kWwCb5oP599ly3NTuCDIyr7
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
HkDIFdXDthTuvVugTWNzKcPqqk_hb4uSlDVj2bU-lTzFkLmRJmXrjg==
runtime.js
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/runtime.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Jun 2021 10:26:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:26:51 GMT
server
AmazonS3
age
197020
etag
W/"5fe48064a68c5e51f208fb444eb5a84a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
brtoa.0q1r.1kvdA7XtvgKPwvHqjjhme
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
sDtq6u3XcZfuzwhWTUz3gfN3syroGKbmncizYWx02oN1Tvtp3c3lfA==
polyfills.js
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/polyfills.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Jun 2021 10:26:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:26:41 GMT
server
AmazonS3
age
197020
etag
W/"d40fc0a76f5b7cbdbb3f7a15f1038a44"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
p89K9EnLR515UCNt0BcTn46Xx4T3XhSs
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
o133AYjvx7KRY-W0O2Xrjll8KtSlUaLwNKhXyS59IqtyAWJIVQUvRA==
vendor.js
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		790 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/vendor.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7350bb75942e413bb52e0bf1d926005900ff9434b508ed4edaa0b0499a1c8102

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Jun 2021 10:26:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:26:53 GMT
server
AmazonS3
age
197020
etag
W/"8449408ff49090fb5b2350e483e6d60a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Up_1_mlb9a_8DtVkVSJBtL6CQAmCP9Lv
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
A1D9FBg8RTn_dabeanr6p7b2cfI02Vn-YUkzuBhsEQrMDFJO5yuFaA==
main.js
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/main.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c40d78f0ecc377f734bb18c439b373bcbf56b270e7dc36881530bd0df8747e00

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Jun 2021 10:26:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:26:53 GMT
server
AmazonS3
age
197020
etag
W/"e61a5e4bbbb4d519d0691f7af42a7fde"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
mrYq_wYU3zQ35yRUMzVTEMd6xJ02AKLU
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
xgvsQHUqG6A6S5zDBzuEXHgfQ1eQteP1RsmlfYrqY6XbFFO8kR5qZQ==
defaultTheme.css
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/defaultTheme.css
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Jun 2021 10:26:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:26:35 GMT
server
AmazonS3
age
197020
etag
W/"6c457916283aea0c2b8747ac85f13edc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
ta7vjQ5yDmN4cGAPe_aksmMdX4tqAdpR
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
m3Mq21-gypMRxhlsGmdAAbUbEATiyc1chtnXdL3EcSriOjyBoJBWDQ==
1.js
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/1.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08e09e4e53b198adc0ed96125e782d6af8093e2398705fc5203bf86c5d4289ba

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Jun 2021 10:26:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:26:45 GMT
server
AmazonS3
age
197020
etag
W/"7cef3e70bfd4cbb6e8ca5c71047845a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
BILrgENF6WuU_9PHJCTGA61V2WYTKm7u
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
YW8MWJ6vMiwI_nFZ_DYWHovDhRzgew-pDHD6wQIokEDGGcIo1jO7lw==
18.js
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/18.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f8162b4fca3ecc399476070ceb9db4d66c82121cef7bcc8311ae0cff5b2a654

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Jun 2021 10:26:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:26:49 GMT
server
AmazonS3
age
197020
etag
W/"fc9bdecb2016020bbba06e117bdefa9f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
uIi3h8CMRvKHkBXWBEgLbXFrPXkMYni0
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
VYWRFMy-8urdxaJRy6vkVbtnriO3A08En3i6NI5UFoCJoKjYSVmUTQ==
blueLagoon.css
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/blueLagoon.css
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
320e14c207c17720156533cf7cfffff2f56cf79969781edf13a0cad956fc5ad1

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Jun 2021 10:26:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:26:43 GMT
server
AmazonS3
age
197020
etag
W/"4a7bc4259517608a495b868b8e30766b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
seLh34kQlR9pPSzZAqUp6JG9ukaJfPQb
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
VhN2he7xwau_IJbq4FcFJUqoleJXCxZap2v9F-MXHkLRwKomnyC0Kg==
17.js
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		114 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/17.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02cc1dd24f16bcd3e8d059586aefa75dfefd53c8ba8885da27f7a57985c2d2e7

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Jun 2021 10:26:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 10:26:40 GMT
server
AmazonS3
age
197020
etag
W/"8262ea48508b2ef9cd289febd8a00acd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
n3331Cc9e6PIkalf6IN7jTFVRFgYLMng
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
jBv9-8CvsEohM0v41M5lRCF34Heh1bX2LnmL4T8N3gqv6qpAAXevsA==
open-sans-latin-400-normal.woff2
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/open-sans-latin-400-normal.woff2
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Request headers

Origin
https://gdpr-consent-tool.privacymanager.io
Referer
https://gdpr-consent-tool.privacymanager.io/1/openSans.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:26:58 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
age
197020
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14440
last-modified
Thu, 24 Jun 2021 10:26:39 GMT
server
AmazonS3
etag
"ff9d619b59f5cb3529b100448f398ac5"
access-control-allow-methods
GET
x-amz-version-id
xArD.uBVuT1h.aTi1WwtBeiEPKa8hUwb
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
nOJUg0EY1n3_aZZI9i0yQSrIMJkzLJY1A_JNb5R3FQr-OvXTpZQ_JQ==
icon-chevron-left.svg
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		441 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdpr-consent-tool.privacymanager.io/1/icon-chevron-left.svg
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/blueLagoon.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a

Request headers

Origin
https://gdpr-consent-tool.privacymanager.io
Referer
https://gdpr-consent-tool.privacymanager.io/1/blueLagoon.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:26:58 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
age
197020
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
441
last-modified
Thu, 24 Jun 2021 10:26:36 GMT
server
AmazonS3
etag
"e2760515a843a0256b4b810489b5426b"
access-control-allow-methods
GET
x-amz-version-id
BrEOmFGqsqB73KibDSAeZDMy0smKRkR.
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
ykrbhWH_YDnit_3hy7ihtCOaAI1EUMyEGnHh06kb7wenSOl0QCAlWw==
open-sans-latin-700-normal.woff2
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/open-sans-latin-700-normal.woff2
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Request headers

Origin
https://gdpr-consent-tool.privacymanager.io
Referer
https://gdpr-consent-tool.privacymanager.io/1/openSans.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:26:58 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
age
197020
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15112
last-modified
Thu, 24 Jun 2021 10:26:51 GMT
server
AmazonS3
etag
"b596676fc00af9806c16a12e9a0350f8"
access-control-allow-methods
GET
x-amz-version-id
xIlPRCRmA3mHGOHZXigMgpAhjwXHTB4K
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
OT1adOZvMfltX-SNyDvFqWri7i0JfenAXZK4POxclhBP5NX5tdRxaw==
open-sans-latin-600-normal.woff2
gdpr-consent-tool.privacymanager.io/1/ Frame E4FF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/open-sans-latin-600-normal.woff2
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Request headers

Origin
https://gdpr-consent-tool.privacymanager.io
Referer
https://gdpr-consent-tool.privacymanager.io/1/openSans.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:26:58 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
age
197020
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14956
last-modified
Thu, 24 Jun 2021 10:26:45 GMT
server
AmazonS3
etag
"4334c2753ff9f057d9de926e66882c9e"
access-control-allow-methods
GET
x-amz-version-id
D1zsOiv1KW7hJjU8zpz2loS0PhEG9BPe
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
t6zxAO9Bx7dr4XJxh1sy9obqyEpO8a1dnfncQmT_gX4vtARqT-de-g==
fingerprint-logo.png
gdpr.privacymanager.io/1/ Frame E4FF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdpr.privacymanager.io/1/fingerprint-logo.png
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:800:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
c31EOzMoBUq7u8osYY80APp8_CgaN2C_
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
etag
"b7cdca038062eecdc45c7351c6a539ad"
last-modified
Thu, 24 Jun 2021 10:27:55 GMT
server
AmazonS3
age
2416
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
must-revalidate,public,max-age=3600
date
Sat, 26 Jun 2021 16:30:22 GMT
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
2962
x-amz-cf-id
QNdsqGzlJJATlrIvBBtICzwb7REWUf5a571_SKTSvi1D76SrAhjdyg==
heavy-samesite-cookie-widget.js
heavy.com/wp-content/themes/heavy/plugins/heavy-samesite-cookie-widget/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/plugins/heavy-samesite-cookie-widget/js/heavy-samesite-cookie-widget.js
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5293b05c3ff1365790debd62d063842f883107d47dfbda18eb4a3a2d9bb52e6a

Request headers

:path
/wp-content/themes/heavy/plugins/heavy-samesite-cookie-widget/js/heavy-samesite-cookie-widget.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:38 GMT
content-encoding
gzip
x-rq
ams5 101 93 3147
last-modified
Fri, 07 May 2021 15:41:00 GMT
server
nginx
age
506202
etag
W/"60955f8c-1190"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1424
expires
Sun, 26 Jun 2022 17:10:38 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 06:38:31 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
2889128
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
va-Hsf8CulR_DwHb_6lj5wIXJmZrNlTdj8k7isIMfbQjfZ6O_9IpUg==
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:05:54 GMT
via
1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
845
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
cZB5pPBwpcWvI4t6tzIryebooBm9zl8n-3i0WYu0hubu_nhpmTX1-g==
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Mavis%20Wanczyk%3A%205%20Fast%20Facts%20You%20Need%20to%20Know%20%7C%20Heavy.com&time=1624727438671&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&random_number=1533399828&sess_cookie=437066e117a494d454ea43ffaa5&sess_cookie_flag=1&user_cookie=437066e117a494d454ea43ffaa5&user_cookie_flag=1&dynamic=true&domain=heavy.com&account=lfktn1QolK10vg&jsv=20130128&user_lang=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 26 Jun 2021 01:58:43 GMT
Via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
54716
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
AMS1-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
OY1k-aL6lTZStvE_BpeO-3xo8Z63o2jGRkG6LdEwhgd6JFjS6HW-hQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.142.157.144 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:38 GMT
server
Server
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&ns__t=1624727438673&ns_c=UTF-8&cv=3.5&c8=Mavis%20Wanczyk%3A%205%20Fast%20Facts%20You%20Need%20to%20Know%20%7C%20Heavy.com&c7=https%3A%2F%2Fheavy....
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1624727438673&ns_c=UTF-8&cv=3.5&c8=Mavis%20Wanczyk%3A%205%20Fast%20Facts%20You%20Need%20to%20Know%20%7C%20Heavy.com&c7=https%3A%2F%2Fheavy...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1624727438673&ns_c=UTF-8&cv=3.5&c8=Mavis%20Wanczyk%3A%205%20Fast%20Facts%20You%20Need%20to%20Know%20%7C%20Heavy.com&c7=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:38 GMT
via
1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
psc6eVAKuzKkgX8W7AfI5_gobzDoLQx2QKqyDMMs8aGZqzyJslSCBQ==

Redirect headers

date
Sat, 26 Jun 2021 17:10:38 GMT
via
1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1624727438673&ns_c=UTF-8&cv=3.5&c8=Mavis%20Wanczyk%3A%205%20Fast%20Facts%20You%20Need%20to%20Know%20%7C%20Heavy.com&c7=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&c9=
content-length
318
x-amz-cf-id
bjNyp6A5gcTb0TAi6Z1gWYbgqVhkWSrKltW53DWBNAm5PsRP8HnMCA==
pt-serif-v9-latin-ext_latin-regular.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-regular.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1060ed99e26a253331d797ce0353b9aa7ffc012b7cf80da7bacf43749c06114e

Request headers

sec-fetch-mode
cors
origin
https://heavy.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__asc=437066e117a494d454ea43ffaa5; __auc=437066e117a494d454ea43ffaa5
:path
/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-regular.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://heavy.com
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:39 GMT
x-rq
ams5 102 131 3151
last-modified
Thu, 06 May 2021 18:21:36 GMT
server
nginx
age
1803
etag
"609433b0-a580"
x-cache
grace
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
42368
expires
Sun, 26 Jun 2022 17:10:39 GMT
pt-serif-v9-latin-ext_latin-italic.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-italic.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b1d24638581b5833b799ae0f4eac192daf1f2530fb04670f7f2ea467b2ee3a3c

Request headers

sec-fetch-mode
cors
origin
https://heavy.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__asc=437066e117a494d454ea43ffaa5; __auc=437066e117a494d454ea43ffaa5
:path
/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-italic.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://heavy.com
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:39 GMT
x-rq
ams5 102 61 3125
last-modified
Sat, 08 May 2021 12:35:27 GMT
server
nginx
age
937
etag
"6096858f-af88"
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
44936
expires
Sun, 26 Jun 2022 17:10:39 GMT
pt-serif-v9-latin-ext_latin-700.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-700.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3f26811b5f4170494b7a5a22af74cef7086f9952b2db9940b94a9244f2da47ed

Request headers

sec-fetch-mode
cors
origin
https://heavy.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__asc=437066e117a494d454ea43ffaa5; __auc=437066e117a494d454ea43ffaa5
:path
/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-700.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://heavy.com
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:40 GMT
x-rq
ams5 102 87 3147
last-modified
Fri, 30 Apr 2021 19:15:21 GMT
server
nginx
age
1521
etag
"608c5749-9090"
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
37008
expires
Sun, 26 Jun 2022 17:10:40 GMT
pt-serif-v9-latin-ext_latin-700italic.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-700italic.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4d6c9287e830a38a21589c9424279b96eb2cc82e9093fd3518c89fb65d7b6e52

Request headers

sec-fetch-mode
cors
origin
https://heavy.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__asc=437066e117a494d454ea43ffaa5; __auc=437066e117a494d454ea43ffaa5
:path
/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-700italic.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
heavy.com
referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://heavy.com
Referer
https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:40 GMT
x-rq
ams5 102 123 3096
last-modified
Tue, 11 May 2021 20:43:59 GMT
server
nginx
age
344
etag
"609aec8f-8ce8"
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
36072
expires
Sun, 26 Jun 2022 17:10:40 GMT
delivery.js
assets.revcontent.com/master/ 		364 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
244954d649a7cb8c905c704fa7e221fcf5fc189fbfaaff4e7ec0db7edac29f53

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:40 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 18:57:07 GMT
server
AmazonS3
x-amz-request-id
07BZA4SNM1ZQ0DRX
etag
"5fc8e4beaa487ce7be5fed3a24c7c5ab"
x-hw
1624727440.cds057.am5.hn,1624727440.cds109.am5.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
104580
x-amz-id-2
Q7regeu7imQ+A0oGH7veA7ReCdNQ8zsLPwBtRJLMnS1zGybxZ2wKp0OmhOnqSwZmIgCd+6LD+w0=
/
trends.revcontent.com/api/demand/ 		52 B
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=72364&gdpr=1
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.73.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://heavy.com
date
Sat, 26 Jun 2021 17:10:40 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync?gdpr=1
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.73.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://heavy.com
date
Sat, 26 Jun 2021 17:10:40 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.73.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://heavy.com
date
Sat, 26 Jun 2021 17:10:40 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
/
trends.revcontent.com/api/delivery/ 		24 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=false&w=72364&width=1600&gdpr=1&rev_allow_cookies=0&site_url=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&icr_url=&va=0&time=1624727440839&up=pc&bn=chrome&bv=89&widget_width=775
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.73.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
0009ea685ef64d7504629f9cc5b111c7076d64cf6318a369471ed5e4ce607dfd
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://heavy.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
9765
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.73.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://heavy.com
date
Sat, 26 Jun 2021 17:10:41 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
script.js
d1bvk193qme2fc.cloudfront.net/ 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bvk193qme2fc.cloudfront.net/script.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:1400:19:f03c:7200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc75abc047c90d66547ba283c5d9a427dce1a03813cb699eadbb7c8dfda4d945

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:05:30 GMT
content-encoding
gzip
last-modified
Fri, 25 Jun 2021 15:19:41 GMT
server
AmazonS3
age
314
etag
W/"a9a0e3d844868bf84598cf885f8c38f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
jPylgPKP5tyoUoAJsGKFhCZQ3aqyW6go-t5Tvq-oLk9NMcCxfm5EZQ==
/
img.revcontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1624727441.cds111.am5.hn,1624727441.cds012.am5.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
rc-logo.png
cdn.revcontent.com/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
last-modified
Thu, 17 Jun 2021 20:13:47 GMT
etag
"1623960827"
x-hw
1624727441.cds078.am5.hn,1624727441.cds221.am5.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=44
accept-ranges
bytes
content-length
4298
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://heavy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Sat, 26 Jun 2021 17:10:41 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
7017b1f8-2e26-4d1c-bf8e-ee502a676c19
player.ex.co/player/ 		613 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/7017b1f8-2e26-4d1c-bf8e-ee502a676c19?subId=72364
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9d241430f4ee4dc8a5d38e2e0f88a6ae2a27624425c95d8c7865f7e4173cf9ca

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
content-encoding
gzip
age
0
x-cache
HIT, MISS
access-control-max-age
600
content-length
188334
x-served-by
cache-dca17772-DCA, cache-fra19178-FRA
access-control-allow-origin
*
server
nginx
x-timer
S1624727441.364789,VS0,VE91
etag
W/"99483-cQ6gubcu44+79wTdJrDw7eTyp5Q"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1, 0
5e4fc411132ce2-90926110.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5e4fc411132ce2-90926110.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7f8b8a6213e637edfa0f1384e506a7271dd6d2dde8664cf23f4f2f900cb25448
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 14:16:27 GMT
server
Cloudinary
etag
"10f98829de0ec422862e76e7ee9c502c"
strict-transport-security
max-age=604800
x-hw
1624727441.cds101.am5.hn,1624727441.cds127.am5.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=1;cpu=0;start=2021-05-06T14:17:52.902Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
4408
50a82a2c9805e0e1ba79f5e6f90c0b39.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/50a82a2c9805e0e1ba79f5e6f90c0b39.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
140f52502d3116fa8b594b651aed07f4457e510a86aa809ef884acc5d7f4cca2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
x-content-type-options
nosniff
server-timing
fastly;dur=479;cpu=0;start=2021-05-06T14:20:15.396Z;desc=miss,rtt;dur=0,cloudinary;dur=391;start=2021-05-06T14:20:15.438Z,cld-id;desc=e90e573739d4906d55c89c66b0eb744b
content-length
7774
x-request-id
e90e573739d4906d55c89c66b0eb744b
last-modified
Fri, 26 Mar 2021 15:50:18 GMT
server
Cloudinary
etag
"c40c3f2d13f31489c194bc7b98d44d32"
strict-transport-security
max-age=604800
x-hw
1624727441.cds101.am5.hn,1624727441.cds253.am5.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5ec24b00b1d954-99957121.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5ec24b00b1d954-99957121.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7f6be2077fdddaa27b13ec3048929b8d50acae167c9a2e71c5d81457e58d90c7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 14:16:22 GMT
server
Cloudinary
etag
"779499f4d8a5172486638c033ca30eca"
strict-transport-security
max-age=604800
x-hw
1624727441.cds101.am5.hn,1624727441.cds134.am5.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=115;cpu=0;start=2021-05-06T14:17:54.149Z;desc=miss,rtt;dur=19,cloudinary;dur=15;start=2021-05-06T14:17:54.198Z
accept-ranges
bytes
timing-allow-origin
*
content-length
11474
636f3ea27ce95f2f9e404ef0b9911ccd.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/636f3ea27ce95f2f9e404ef0b9911ccd.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3c1724d0e0546a35d6b35d39aad7cc66c49560de978c5e713dd275b81b420bac
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 14:16:33 GMT
server
Cloudinary
etag
"b5138cca785922281176548381135785"
strict-transport-security
max-age=604800
x-hw
1624727441.cds101.am5.hn,1624727441.cds240.am5.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=125;cpu=0;start=2021-05-06T14:17:28.913Z;desc=miss,rtt;dur=19,cloudinary;dur=22;start=2021-05-06T14:17:28.965Z
accept-ranges
bytes
timing-allow-origin
*
content-length
7506
1c52cbf3596f1dc96620b47bb74f1924.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/1c52cbf3596f1dc96620b47bb74f1924.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
bee63f2099ff4816beb79cb3e0270d796b7c0438a5b67dcb31392d54ae75e6c9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 14:20:56 GMT
server
Cloudinary
etag
"171050e8c7aea7d469ac04238a093467"
strict-transport-security
max-age=604800
x-hw
1624727441.cds101.am5.hn,1624727441.cds204.am5.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=122;cpu=0;start=2021-05-06T14:26:20.243Z;desc=miss,rtt;dur=19,cloudinary;dur=21;start=2021-05-06T14:26:20.293Z
accept-ranges
bytes
timing-allow-origin
*
content-length
7753
events
prd-collector-anon.ex.co/main/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7017b1f8-2e26-4d1c-bf8e-ee502a676c19?subId=72364
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://heavy.com
date
Sat, 26 Jun 2021 17:10:41 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 26 Jun 2021 15:47:49 GMT
server
ESF
date
Sat, 26 Jun 2021 17:10:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Jun 2021 17:10:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://heavy.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 10:48:51 GMT
x-content-type-options
nosniff
age
282110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 10:48:51 GMT
events
prd-collector-anon.ex.co/main/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7017b1f8-2e26-4d1c-bf8e-ee502a676c19?subId=72364
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://heavy.com
date
Sat, 26 Jun 2021 17:10:41 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uw2vr_quOuaU6qfxWZtcoLo12wr2U3z05f_5BD3KWSsUf_IaiGkn8o5qFF-aOCBKLL7W_128twSCww0MoWnl7jxUKAG5A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 26 Jun 2021 17:15:41 GMT
truncated
/ 		548 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
902dde5c61e28b2ea557a81ff2d3a2be505654f7a8d74b35c52410f47dc75f66

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		478 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		365 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04b2684e2a85ed8bf65eb0e6a3b4d942ebe82fcec4169bf3b322b9ad06f6565f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame E823 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
319cd584d0eafd2b782b2fcd8919d64b7a57286abb0be4dbb7e5b725ce235ef3

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwTNI0an_DGLQMYS_SwESsQydFP9ZHijkwIsdr16wjQ-s5BDeHI_xFe91LnSla2eIMTRulwXiwslzsL-MseAzE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
98488
last-modified
Wed, 23 Jun 2021 10:48:36 GMT
server
UploadServer
etag
"bce4cecf47b100649e3194bf47af330f"
vary
Accept-Encoding
x-goog-hash
crc32c=yl+Wtg==, md5=vOTOz0exAGSeMZS/R68zDw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1624445316505787
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
98488
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 26 Jun 2021 17:15:41 GMT
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1624727441591&cid=5f070f593078f637e2102d8c&VERSION=4.64.1&cou=DE&AV_SUBID=72364&sn=72364&AV_PAGE_LOAD_UID=247343e8-e931-4a04-9543-3ccad3790687&AV_CDIM4=247343e8-e931-4a04-9543-3ccad3790687&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.237.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
events
prd-collector-anon.ex.co/main/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7017b1f8-2e26-4d1c-bf8e-ee502a676c19?subId=72364
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://heavy.com
date
Sat, 26 Jun 2021 17:10:41 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
gpt.js
www.googletagservices.com/tag/js/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f94fefa4e57a913d4369a0ac5bc7dadf6ac6b1b2a8d5c7c38257cb390a80ac01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"913 / 964 of 1000 / last-modified: 1624658963"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23730
x-xss-protection
0
expires
Sat, 26 Jun 2021 17:10:41 GMT
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/so_4/v1490095101/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.jpg
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
221ac4f227de741e786e847f2d5afcebe24de035b7a679e89dfa36c85b7a3665

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 26 Jun 2021 17:10:41 GMT
Last-Modified
Sat, 26 Jun 2021 12:26:53 GMT
Server
cloudinary
X-Timer
S1624711432.554724,VS0,VE1
ETag
"518261633381212a52cd841c8ae8ed24"
X-Served-By
cache-wdc5554-WDC
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31541549
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
44796
X-Cache-Hits
1
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.73.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://heavy.com
date
Sat, 26 Jun 2021 17:10:41 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.73.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://heavy.com
date
Sat, 26 Jun 2021 17:10:41 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=heavy.com&sn=72364&cd4=247343e8-e931-4a04-9543-3ccad3790687&cd5=default&cd6=100&cd7=main&ic=0&tgt=0&app=&wi=253&he=143&test=&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=5f070f593078f637e2102d8c&stagid=&stplid=&e=inventory&vi=0&cb=1624727441744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
861e33bb194346138fb50bb859c7573571212e3e1ccd3d1c82e2faac82d5516e

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 26 Jun 2021 17:10:41 GMT
Status
200 OK
Connection
keep-alive
Content-Length
1079
X-Request-Id
06bfe4105dce8038229042e42bc3685d
X-Served-By
cache-wdc5537-WDC
Last-Modified
Sat, 26 Jun 2021 12:30:05 GMT
Server
cloudinary
X-Timer
S1624711432.733858,VS0,VE1
ETag
"05f5d9bc29549dd0033df30f04d26220"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31541691
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
/
premiumsrv.aniview.com/api/adserver/tag/ 		19 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.64.1&cou=DE&AV_SUBID=72364&sn=72364&AV_PAGE_LOAD_UID=247343e8-e931-4a04-9543-3ccad3790687&AV_CDIM4=247343e8-e931-4a04-9543-3ccad3790687&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=5f070f593078f637e2102d8c&format=json&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=heavy.com&AV_DADPOS=3&v=6.1.1.243&responsive=1&avtoken=441744&AV_WIDTH=253&AV_HEIGHT=143&AV_DNT=0&cb=1624727441760
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.235.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a6778651eac1e0d1df5841192f65ca92bb80bc7d1a049801ff05a561a10acc83

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://heavy.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 15 Jun 2021 03:24:02 GMT
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624710388/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
e062d237adcacbc4402ff06a08d4d8405ac89ad7d0a5dfa340b79f5b95f60329

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 26 Jun 2021 17:10:41 GMT
Last-Modified
Sat, 26 Jun 2021 12:26:36 GMT
Server
cloudinary
X-Timer
S1624711905.711056,VS0,VE0
ETag
"2becfc4d6333c7bf5c933680010c89d8"
X-Served-By
cache-wdc5520-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31541955
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1225
X-Cache-Hits
6
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624710388/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://heavy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sat, 26 Jun 2021 17:10:41 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624710388/ 		93 KB
93 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
a1702fc96ff501076d7b9492d6486f6b76d6bab2f9613059799aec537779aedc

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-95127

Response headers

Date
Sat, 26 Jun 2021 17:10:41 GMT
Content-Range
bytes 0-95127/1080436
Connection
keep-alive
Content-Length
95128
X-Served-By
cache-wdc5520-WDC
Last-Modified
Sat, 26 Jun 2021 12:26:36 GMT
Server
cloudinary
X-Timer
S1624711905.873092,VS0,VE0
ETag
"15cc133556ed7a87b7b6b7e2b1ee7241"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31542074
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
991cbffe-6847-46aa-a9dc-4b59c0889074
https://heavy.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://heavy.com/991cbffe-6847-46aa-a9dc-4b59c0889074
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
11fed3d3296e73358742664aa2e6b1efafbc6324339481c958187c4b4ce3e473

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 26 Jun 2021 17:10:41 GMT
Last-Modified
Sat, 26 Jun 2021 12:29:45 GMT
Server
cloudinary
X-Timer
S1624711905.062976,VS0,VE0
ETag
"39c117ca4f1bbf07106237b7bf96706b"
X-Served-By
cache-wdc5520-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31542117
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1234
X-Cache-Hits
2
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ 		233 KB
233 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
db17cf56918857a5318e98e7b3e9a7a9c1938a9f8d30877305ab46c206b126ce

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-238195

Response headers

Date
Sat, 26 Jun 2021 17:10:41 GMT
Content-Range
bytes 0-238195/2934868
Connection
keep-alive
Content-Length
238196
X-Served-By
cache-wdc5520-WDC
Last-Modified
Sat, 26 Jun 2021 12:29:45 GMT
Server
cloudinary
X-Timer
S1624711905.248643,VS0,VE0
ETag
"e3dbc62613932ba4f6fdf83d4d37ad64"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31541985
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://heavy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sat, 26 Jun 2021 17:10:41 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ 		318 KB
319 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
1d19c0647072dbd720a8d8e258ad8324f845cac4be9a2ac93a27c4455cab5a3f

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=238196-563999

Response headers

Date
Sat, 26 Jun 2021 17:10:42 GMT
Content-Range
bytes 238196-563999/2934868
Connection
keep-alive
Content-Length
325804
X-Served-By
cache-wdc5520-WDC
Last-Modified
Sat, 26 Jun 2021 12:29:45 GMT
Server
cloudinary
X-Timer
S1624711905.248643,VS0,VE0
ETag
"e3dbc62613932ba4f6fdf83d4d37ad64"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31541984
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://heavy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sat, 26 Jun 2021 17:10:42 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
truncated
/ 		554 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
452d1771c6e4f4a4981f681d311aabb02f3b79661e4b3688293506891c4549ad

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
prd-collector-anon.ex.co/main/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7017b1f8-2e26-4d1c-bf8e-ee502a676c19?subId=72364
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://heavy.com
date
Sat, 26 Jun 2021 17:10:42 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ 		254 KB
255 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
96340e7b06de2c9c37747de22f515aff6213f02d40ef448f4f0be8dfaee7b205

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=564000-824379

Response headers

Date
Sat, 26 Jun 2021 17:10:42 GMT
Content-Range
bytes 564000-824379/2934868
Connection
keep-alive
Content-Length
260380
X-Served-By
cache-wdc5520-WDC
Last-Modified
Sat, 26 Jun 2021 12:29:45 GMT
Server
cloudinary
X-Timer
S1624711905.248643,VS0,VE0
ETag
"e3dbc62613932ba4f6fdf83d4d37ad64"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31541984
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://heavy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sat, 26 Jun 2021 17:10:42 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ 		354 KB
354 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
72827db824ad8a073a5f61ab7deed272e37d21afb47a126fb1520001eb2bbe41

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=824380-1186655

Response headers

Date
Sat, 26 Jun 2021 17:10:42 GMT
Content-Range
bytes 824380-1186655/2934868
Connection
keep-alive
Content-Length
362276
X-Served-By
cache-wdc5520-WDC
Last-Modified
Sat, 26 Jun 2021 12:29:45 GMT
Server
cloudinary
X-Timer
S1624711905.248643,VS0,VE0
ETag
"e3dbc62613932ba4f6fdf83d4d37ad64"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31541984
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://heavy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sat, 26 Jun 2021 17:10:42 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3C52 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D1%26key%3D
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D1%26key%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heavy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=116735
expires
Mon, 28 Jun 2021 01:36:17 GMT
date
Sat, 26 Jun 2021 17:10:42 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A060
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://heavy.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Jun 2021 17:10:42 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date
Sat, 26 Jun 2021 17:10:42 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync
pixel.advertising.com/ups/58195/ Frame 1D31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heavy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

date
Sat, 26 Jun 2021 17:10:42 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
Cookie set usermatch
ssum.casalemedia.com/ Frame 70A3
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
714eabf112a7176af3e4f3bd78c76674dc5c3fee07291d0146579410b4aa0c00

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://heavy.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YNdfkgjvyxG9Z3Q1bo.oDwAA; CMPS=5190
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|13|57|41|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1813
Expires
Sat, 26 Jun 2021 17:10:42 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 26 Jun 2021 17:10:42 GMT
Connection
keep-alive
Set-Cookie
CMID=YNdfkgjvyxG9Z3Q1bo.oDwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 26 Jun 2022 17:10:42 GMT CMPS=5190;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 24 Sep 2021 17:10:42 GMT CMPRO=1140;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 24 Sep 2021 17:10:42 GMT CMRUM3=2d60d75f9205a0&bc60d75f9205a00&0d60d75f9205a0&f160d75f9205a0&3960d75f9205a0&2760d75f920b40&e660d75f922760&2960d75f9205a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 26 Jun 2022 17:10:42 GMT CMST=YNdfkmDXX5IA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 27 Jun 2021 17:10:42 GMT

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 26 Jun 2021 17:10:42 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 26 Jun 2021 17:10:42 GMT
Connection
keep-alive
Set-Cookie
CMID=YNdfkgjvyxG9Z3Q1bo.oDwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 26 Jun 2022 17:10:42 GMT CMPS=5190;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 24 Sep 2021 17:10:42 GMT
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=338398&pgid=1184784&fmtid=86422&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=860076188772010257&pgdomain=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F0...
  • https://www9.smartadserver.com/ac?siteid=338398&pgid=1184784&fmtid=86422&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=860076188772010257&pgdomain=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F0...
129 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=338398&pgid=1184784&fmtid=86422&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=860076188772010257&pgdomain=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&vph=143&vpw=253&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00001qMZJwQAO%2C1%2C%2CRev+Content%2Cheavy.com&cbb=4727442267&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://heavy.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:41 GMT
location
https://www9.smartadserver.com/ac?siteid=338398&pgid=1184784&fmtid=86422&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=860076188772010257&pgdomain=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&vph=143&vpw=253&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00001qMZJwQAO%2C1%2C%2CRev+Content%2Cheavy.com&cbb=4727442267&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://heavy.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
avpb3.js
player.aniview.com/script/6.1/ Frame E823 		282 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
14fc395ad49ae416330b86596c58cfa774d3910503b94a25c51743a35a5a6288

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:42 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uzafgk_GO4dFGROVh7LPv-FSozRh2vSB7IEzxqzK1IPQtg-KxbJ-JoseY5TTfXcgpFabV-1n8M8XtvabWbHZ9HcAh_dNg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
90379
last-modified
Wed, 23 Jun 2021 10:47:56 GMT
server
UploadServer
etag
"cddb29ba1fbe753fa70d0a2f6004ba8c"
vary
Accept-Encoding
x-goog-hash
crc32c=/c9QSQ==, md5=zdspuh++dT+nDQovYAS6jA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1624445276759644
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
90379
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 26 Jun 2021 17:15:42 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=heavy.com&rs=heavy.com&sid=70221&t=1624727442&cip=159.48.55.6&sn=72364&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=253&he=143&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1624727442016-967005361742-007917-002-002371&cha=0.05&stagid=&stplid=&cb=86007618877&cd1=4.64.1&cd4=247343e8-e931-4a04-9543-3ccad3790687&cd5=default&cd6=100&cd7=main&d9=1000&AV_WIDTH=253&AV_HEIGHT=143&nid=56ea678d181f46c76f8b45fb&ncid=5f070f593078f637e2102d8c&e=request&cb=1624727442273&asid=5fc4ee1ef674bd4e663d49dc%2C5e85bc1ecc3dc40c1d654725%2C5fd1f2cc9772f87a350a855b%2C5fbe5d4370a94c4b696b7ccc%2C5ff1826de52e2f2dd148e0f4%2C5c5a9a6228a0617b9619af99%2C6061efdbb7a06416cc5b4805%2C5ddfcaee28a06109914a6e5c%2C5d7a45e628a0614c5e396e0d%2C604e0bb1f199b154cc115338&ofpr=3%2C%2C1.5%2C2.8%2C3.5%2C2%2C2%2C2%2C1.5%2C2&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ 		275 KB
276 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
33d7c1d4a4aadac92452c101f4eb9103c19e59e352d8e3a1a230abddfc514e42

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1186656-1468279

Response headers

Date
Sat, 26 Jun 2021 17:10:42 GMT
Content-Range
bytes 1186656-1468279/2934868
Connection
keep-alive
Content-Length
281624
X-Served-By
cache-wdc5520-WDC
Last-Modified
Sat, 26 Jun 2021 12:29:45 GMT
Server
cloudinary
X-Timer
S1624711905.248643,VS0,VE0
ETag
"e3dbc62613932ba4f6fdf83d4d37ad64"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31541984
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://heavy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sat, 26 Jun 2021 17:10:42 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
avjp
playbuzzltd-d.openx.net/v/1.0/ 		106 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7a4faabc-b348-491e-8a47-7cff2686db8d&nocache=1624727442308&schain=1.0%2C1!playbuzz.com%2C0010J00001qMZJwQAO%2C1%2C6ec9a96e72cd81adcfb8893056c4c1b4_172315933%2CRev%20Content%2Cheavy.com&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A253%2C%22h%22%3A143%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=544001351&vwd=253&vht=143&aumfs=2000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
via
1.1 google
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://heavy.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.54.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
09e16e6e63acbb839af5be0c57f3ceddd6a90b69a74c6f046cf61b0256fe1a1c

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.54.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5f7e93eb9af41dacb3640e502130f3e8d5dcccf476c11ebc311cb81341451c09

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
172
expires
0
avjp
playbuzzltd-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a0fdb6eb-2937-449d-bd4f-77c0a6fe2f34&nocache=1624727442313&schain=1.0%2C1!playbuzz.com%2C0010J00001qMZJwQAO%2C1%2C6ec9a96e72cd81adcfb8893056c4c1b4_172315933%2CRev%20Content%2Cheavy.com&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A253%2C%22h%22%3A143%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=540851142&vwd=253&vht=143&aumfs=1500
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
via
1.1 google
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://heavy.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		24 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=373647&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22999789cfd6e1ae%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22playbuzz.com%22%2C%22sid%22%3A%220010J00001qMZJwQAO%22%2C%22rid%22%3A%226ec9a96e72cd81adcfb8893056c4c1b4_172315933%22%2C%22domain%22%3A%22heavy.com%22%2C%22name%22%3A%22Rev%20Content%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210b9b4bb0244ac6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22373647%22%2C%22sid%22%3A%22253x143%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A253%2C%22h%22%3A143%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
33604784010b143a38317e797c1f06a8a4c131dec70f6fae331713fee0e94e61

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[NL], RC:[], CN:[EU], CIP:[159.48.55.6], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://heavy.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Sat, 26 Jun 2021 17:10:42 GMT
mvo
tag.1rx.io/rmp/217532/0/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ 		25 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=373648&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2213b24ef1a7dbb93%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fheavy.com%2Fnews%2F2017%2F08%2Fmavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22playbuzz.com%22%2C%22sid%22%3A%220010J00001qMZJwQAO%22%2C%22rid%22%3A%226ec9a96e72cd81adcfb8893056c4c1b4_172315933%22%2C%22domain%22%3A%22heavy.com%22%2C%22name%22%3A%22Rev%20Content%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22147792594ce917%22%2C%22ext%22%3A%7B%22siteID%22%3A%22373648%22%2C%22sid%22%3A%22253x143%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A253%2C%22h%22%3A143%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3abea25391306b1451ce302c4992af69f1cbf2168fb2b5912e2f7924ef43d871

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[NL], RC:[], CN:[EU], CIP:[159.48.55.6], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://heavy.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 26 Jun 2021 17:10:42 GMT
mvo
tag.1rx.io/rmp/216551/0/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
date
Sat, 26 Jun 2021 17:10:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ 		289 KB
290 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
9a77353a63b59450694f568c6e371e3f6baef7e244e5b4f227baa2633809baa8

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1468280-1764379

Response headers

Date
Sat, 26 Jun 2021 17:10:42 GMT
Content-Range
bytes 1468280-1764379/2934868
Connection
keep-alive
Content-Length
296100
X-Served-By
cache-wdc5520-WDC
Last-Modified
Sat, 26 Jun 2021 12:29:45 GMT
Server
cloudinary
X-Timer
S1624711905.248643,VS0,VE0
ETag
"e3dbc62613932ba4f6fdf83d4d37ad64"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31541984
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://heavy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sat, 26 Jun 2021 17:10:42 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
PugMaster
image6.pubmatic.com/AdServer/ Frame 3C52 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2619876&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:41 GMT
content-length
0
dcm
s.amazon-adsystem.com/ Frame 70A3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNdfkgjvyxG9Z3Q1bo-oDwAABHQAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNdfkgjvyxG9Z3Q1bo-oDwAABHQAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNdfkgjvyxG9Z3Q1bo-oDwAABHQAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Jun 2021 17:10:42 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 26 Jun 2021 17:10:42 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNdfkgjvyxG9Z3Q1bo-oDwAABHQAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 70A3 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YNdfkgjvyxG9Z3Q1bo.oDwAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 70A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNdfkgjvyxG9Z3Q1bo-oDwAABHQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNdfkgjvyxG9Z3Q1bo-oDwAABHQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPgFtMhSn1dKc8hOkrorYt8&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPgFtMhSn1dKc8hOkrorYt8&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Jun 2021 17:10:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 26 Jun 2021 17:10:42 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPgFtMhSn1dKc8hOkrorYt8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 70A3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNdfkgjvyxG9Z3Q1bo.oDwAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YNdfkgjvyxG9Z3Q1bo.oDwAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGRctpCzXQeO3cAKfdVyKCg&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGRctpCzXQeO3cAKfdVyKCg&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Jun 2021 17:10:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 26 Jun 2021 17:10:42 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGRctpCzXQeO3cAKfdVyKCg&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 70A3
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=066522040714899a90203ddc&expiration=[EXPIRATION]&gdpr=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=066522040714899a90203ddc&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Jun 2021 17:10:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 26 Jun 2021 17:10:42 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=066522040714899a90203ddc&expiration=[EXPIRATION]&gdpr=1
Date
Sat, 26 Jun 2021 17:10:42 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
crum
dsum-sec.casalemedia.com/ Frame 70A3
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471596222687271
43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471596222687271
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Jun 2021 17:10:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 26 Jun 2021 17:10:42 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471596222687271
Date
Sat, 26 Jun 2021 17:10:42 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bridge
cm.adgrx.com/ Frame 70A3 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Jun 2021 17:10:42 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-3
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
CookieIndex
rtb.adentifi.com/ Frame 70A3 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.122.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
cookiesyncendpoint
sync.aniview.com/ Frame 70A3 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1624727442016-967005361742-007917-002-002371&biddername=42&key=YNdfkgjvyxG9Z3Q1bo.oDwAA%261140
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624727442016-967005361742-007917-002-002371%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.125.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:42 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame A060 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7b2fc98d710e1338b207958e7ae3555c4e9bcf287d162ce4192bdb72fb802bd8

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 26 Jun 2021 17:10:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79571
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9274
Expires
Sun, 27 Jun 2021 15:16:53 GMT
khaos.jpg
token.rubiconproject.com/ Frame A060 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
ixmatch.html
js-sec.indexww.com/um/ Frame 63C6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://heavy.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 26 Jun 2021 17:10:43 GMT
Connection
keep-alive
pd
u.openx.net/w/1.0/ Frame 86F8 		668 B
720 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
a8689bc4769f29f00487524be580ccd650408ab934406fd41cb0f614457ae589

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heavy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=6f8a9948-e13d-02d3-1c6c-d9b55e480840|1624727442
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=6f8a9948-e13d-02d3-1c6c-d9b55e480840|1624727442; Version=1; Expires=Sun, 26-Jun-2022 17:10:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624727443|gekin0vNiygu; Version=1; Expires=Sun, 11-Jul-2021 17:10:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 26 Jun 2021 17:10:43 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 8AAA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://heavy.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 26 Jun 2021 17:10:43 GMT
Connection
keep-alive
pd
u.openx.net/w/1.0/ Frame 44E7 		668 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
a8689bc4769f29f00487524be580ccd650408ab934406fd41cb0f614457ae589

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heavy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=6f8a9948-e13d-02d3-1c6c-d9b55e480840|1624727442
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=6f8a9948-e13d-02d3-1c6c-d9b55e480840|1624727442; Version=1; Expires=Sun, 26-Jun-2022 17:10:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624727443|gekin0vNiygu; Version=1; Expires=Sun, 11-Jul-2021 17:10:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 26 Jun 2021 17:10:43 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5952 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heavy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=115859
expires
Mon, 28 Jun 2021 01:21:42 GMT
date
Sat, 26 Jun 2021 17:10:43 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DE8D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: heavy.com
URL: https://heavy.com/news/2017/08/mavis-wanczyk-powerball-winner-massachusetts-chicopee-name-lottery/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://heavy.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Jun 2021 17:10:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
sd
eu-u.openx.net/w/1.0/ Frame 44E7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d34760d7-5f92-4e00-a871-5bd2f1431c14
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d34760d7-5f92-4e00-a871-5bd2f1431c14
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 26 Jun 2021 17:10:43 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d34760d7-5f92-4e00-a871-5bd2f1431c14
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 26 Jun 2021 17:10:42 GMT
sd
us-u.openx.net/w/1.0/ Frame 44E7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=W8ZzmliQLp5AxC6dX5I6mAuVJclAxiKaVcBEkROf
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=W8ZzmliQLp5AxC6dX5I6mAuVJclAxiKaVcBEkROf
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=W8ZzmliQLp5AxC6dX5I6mAuVJclAxiKaVcBEkROf
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 44E7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1307826129709817480
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1307826129709817480
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1307826129709817480
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 44E7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=bc26a611-48ba-3d24-46ba-115d3a6f3bbd&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 44E7 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTA0OTc1ZGItODFjZC02MzgwLTUzNWEtNGJlNGYwOGRmNWRk
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 44E7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPXkyu1Iy8PCi1yHUoNraA8&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPXkyu1Iy8PCi1yHUoNraA8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPXkyu1Iy8PCi1yHUoNraA8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 86F8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=31f560d7-5f92-4500-b0db-038f5d45f16f
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=31f560d7-5f92-4500-b0db-038f5d45f16f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 26 Jun 2021 17:10:43 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=31f560d7-5f92-4500-b0db-038f5d45f16f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 26 Jun 2021 17:10:42 GMT
sd
us-u.openx.net/w/1.0/ Frame 86F8
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wvtTNMGtDjDZ-Q4xwvsaM8H-UWHZrVJmwvqYgl0_
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wvtTNMGtDjDZ-Q4xwvsaM8H-UWHZrVJmwvqYgl0_
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wvtTNMGtDjDZ-Q4xwvsaM8H-UWHZrVJmwvqYgl0_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 86F8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3749648153260577280
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3749648153260577280
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3749648153260577280
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 86F8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=bc26a611-48ba-3d24-46ba-115d3a6f3bbd&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 86F8 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTA0OTc1ZGItODFjZC02MzgwLTUzNWEtNGJlNGYwOGRmNWRk
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 86F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPXkyu1Iy8PCi1yHUoNraA8&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPXkyu1Iy8PCi1yHUoNraA8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Jun 2021 17:10:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPXkyu1Iy8PCi1yHUoNraA8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame DE8D 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7b2fc98d710e1338b207958e7ae3555c4e9bcf287d162ce4192bdb72fb802bd8

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 26 Jun 2021 17:10:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79570
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9274
Expires
Sun, 27 Jun 2021 15:16:53 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 015F 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://heavy.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YNdfkgjvyxG9Z3Q1bo.oDwAA; CMPS=5190; CMPRO=1140; CMST=YNdfkmDXX5IA; CMRUM3=e660d75f922760&2760d75f920b40&2960d75f9205a0&f160d75f9205a0&3960d75f9227601870471596222687271&bc60d75f9205a00&0d60d75f922760066522040714899a90203ddc&2d60d75f922760CAESEGRctpCzXQeO3cAKfdVyKCg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Sat, 26 Jun 2021 17:10:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 26 Jun 2021 17:10:43 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 0216 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://heavy.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YNdfkgjvyxG9Z3Q1bo.oDwAA; CMPS=5190; CMPRO=1140; CMST=YNdfkmDXX5IA; CMRUM3=e660d75f922760&2760d75f920b40&2960d75f9205a0&f160d75f9205a0&3960d75f9227601870471596222687271&bc60d75f9205a00&0d60d75f922760066522040714899a90203ddc&2d60d75f922760CAESEGRctpCzXQeO3cAKfdVyKCg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Sat, 26 Jun 2021 17:10:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 26 Jun 2021 17:10:43 GMT
Connection
keep-alive
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ 		327 KB
327 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
2dafd41a66e3a50d0a511d822d91f7765230ae59791c2a6ef26f05f2f0cf2cc8

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1764380-2098831

Response headers

Date
Sat, 26 Jun 2021 17:10:46 GMT
Content-Range
bytes 1764380-2098831/2934868
Connection
keep-alive
Content-Length
334452
X-Served-By
cache-wdc5520-WDC
Last-Modified
Sat, 26 Jun 2021 12:29:45 GMT
Server
cloudinary
X-Timer
S1624711905.248643,VS0,VE0
ETag
"e3dbc62613932ba4f6fdf83d4d37ad64"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31541980
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1624710388/landscapec86dc8ae-0a6e-45d2-8dfb-f849dbb84aef_1624709784670.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://heavy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sat, 26 Jun 2021 17:10:46 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe8b2264b7ef7ae4f5b3ee5fa827b2744a843804a417cc0b39a4f0e9f64f07ed

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:46 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2868
etag
W/"5fc2f559bc639be298da1ed4b804eeda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
66580d0d2a39d6d5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aeae67c370000d6d562034000000001
expires
Tue, 29 Jun 2021 17:10:46 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=heavy.com&sn=72364&cd4=247343e8-e931-4a04-9543-3ccad3790687&cd5=default&cd6=100&cd7=main&ic=0&tgt=0&app=&wi=253&he=143&test=&apppkg=&fv=3&proto=https
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 26 Jun 2021 17:10:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=heavy.com&rs=heavy.com&sid=70221&t=1624727442&cip=159.48.55.6&sn=72364&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=253&he=143&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1624727442016-967005361742-007917-002-002371&cha=0.05&stagid=&stplid=&cb=86007618877&cd1=4.64.1&cd4=247343e8-e931-4a04-9543-3ccad3790687&cd5=default&cd6=100&cd7=main&d9=1000&AV_WIDTH=253&AV_HEIGHT=143&nid=56ea678d181f46c76f8b45fb&ncid=5f070f593078f637e2102d8c&e=request&cb=1624727447593&asid=5fbe5d4370a94c4b696b7ccc%2C5ff1826de52e2f2dd148e0f4&ofpr=2.8%2C3.5&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Jun 2021 17:10:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/217532/0/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
pragma
no-cache
date
Sat, 26 Jun 2021 17:10:47 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/216551/0/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
pragma
no-cache
date
Sat, 26 Jun 2021 17:10:47 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| adthriveCLS string| at_location string| at_path object| adthrive function| hvyWidgetsTargeting object| heavyJS function| _classCallCheck function| _defineProperties function| _createClass function| IOlazy string| heavyGAID string| GoogleAnalyticsObject function| ga number| heavySameSiteTrackingDelay object| featuredImage object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| OneSignal number| oneSignalDelay object| _comscore number| lazyEmbedsYMargin number| lazyEmbedsTimeout object| _stq function| st_go function| linktracker_init object| wpcom number| domReadyTime object| googletag object| pbjs function| pbjsChunk object| _pbjsGlobals object| cmp object| gdprConfiguration object| node function| __tcfapi object| ggeac object| google_js_reporting_queue object| wpJsonpLiverampGdprCmp function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| trackingMap function| heavySameSiteTracking object| _atrk_opts function| atrk boolean| _atrk_fired function| udm_ object| ns_p object| COMSCORE object| ua_result object| revcontent function| dspCriteoRTUSCallback function| renderRCWidget object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| regeneratorRuntime object| pbStream string| pbPageIdentifier object| __EXCO function| Hls function| av_sciv_hndlr1624727441738 object| storageAni

3 Cookies

Domain/Path Name / Value
.heavy.com/ Name: _gat
Value: 1
.heavy.com/ Name: _gid
Value: GA1.2.727575354.1624727436
.heavy.com/ Name: _ga
Value: GA1.2.58653226.1624727436

4 Console Messages

Source Level URL
Text
console-api warning URL: https://ads.adthrive.com/builds/core/4f9bcd2/gdpr/vendor/prebid/prebid.min.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api error URL: https://ads.adthrive.com/builds/core/4f9bcd2/js/adthrive.min.js?threshold=0&deployment=ad-1053:pr1669:flex-05:c3c2df0:con&cb=1624727436805(Line 17)
Message:
%cindex::load color: #999; font-weight: bold; Error: Cannot inject the dependency at position #0 of "e" constructor. Reason: Cannot inject the dependency at position #4 of "e" constructor. Reason: Cannot read property 'getItem' of null
console-api info URL: https://player.ex.co/player/7017b1f8-2e26-4d1c-bf8e-ee502a676c19?subId=72364(Line 6)
Message:
[exco-log] - 6/26/2021, 7:10:41 PM: logger - enabled
console-api log URL: https://d1bvk193qme2fc.cloudfront.net/script.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adthrive.com
ads.pubmatic.com
assets.revcontent.com
atrack.avplayer.com
c1.adform.net
cdn.onesignal.com
cdn.revcontent.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.adgrx.com
cm.g.doubleclick.net
d1bvk193qme2fc.cloudfront.net
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gdpr-consent-tool.privacymanager.io
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
hbopenbid.pubmatic.com
heavy.com
htlb.casalemedia.com
i.clean.gg
i.ytimg.com
image6.pubmatic.com
images.revcontent.com
img.revcontent.com
js-sec.indexww.com
logger.adthrive.com
match.adsrvr.org
mcd.ex.co
p.rfihub.com
pixel.advertising.com
pixel.quantserve.com
pixel.wp.com
playbuzzltd-d.openx.net
player.aniview.com
player.avplayer.com
player.ex.co
polyfill.io
prd-collector-anon.ex.co
prebid-server.rubiconproject.com
premiumsrv.aniview.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.adentifi.com
s.amazon-adsystem.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.gravatar.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
stats.wp.com
sync.adotmob.com
sync.aniview.com
sync.mathtag.com
tag.1rx.io
token.rubiconproject.com
track1.aniview.com
trends.revcontent.com
u.openx.net
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www9.smartadserver.com
104.109.78.125
142.250.185.162
142.250.185.66
143.204.98.27
143.204.98.29
151.101.14.137
151.101.193.26
151.139.128.11
173.231.181.122
18.197.54.206
18.235.17.58
185.183.112.155
185.29.132.69
185.64.189.112
185.64.189.115
185.86.137.17
192.0.66.32
192.0.76.3
193.0.160.129
2.16.186.139
2.18.233.180
2.18.234.21
2.19.35.65
213.19.147.42
23.37.38.181
2600:9000:2104:800:16:f82a:8600:93a1
2600:9000:2156:4200:11:2a6a:9480:93a1
2600:9000:2156:5400:a:b6fc:9800:93a1
2600:9000:2190:1400:19:f03c:7200:21
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:808::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2016
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9c
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:bb91
2a04:fa87:fffe::c000:4902
3.142.157.144
34.246.73.180
34.95.69.49
35.244.159.8
37.157.2.237
52.44.237.179
52.45.125.207
52.46.130.13
52.55.122.95
52.57.10.248
52.70.33.53
65.9.77.122
65.9.77.3
65.9.77.91
69.173.144.139
75.101.235.47
76.223.111.131
0009ea685ef64d7504629f9cc5b111c7076d64cf6318a369471ed5e4ce607dfd
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
02cc1dd24f16bcd3e8d059586aefa75dfefd53c8ba8885da27f7a57985c2d2e7
03b199058f235d8279ad17ff8a744b2e24e15ad3fa5d3a1d6203e053fa5f03a8
04b2684e2a85ed8bf65eb0e6a3b4d942ebe82fcec4169bf3b322b9ad06f6565f
08e09e4e53b198adc0ed96125e782d6af8093e2398705fc5203bf86c5d4289ba
091bb0de0a818620d0fa529df0edee88a5ac2244b5396edbac0a527035cf4af7
09e16e6e63acbb839af5be0c57f3ceddd6a90b69a74c6f046cf61b0256fe1a1c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1060ed99e26a253331d797ce0353b9aa7ffc012b7cf80da7bacf43749c06114e
11fed3d3296e73358742664aa2e6b1efafbc6324339481c958187c4b4ce3e473
140f52502d3116fa8b594b651aed07f4457e510a86aa809ef884acc5d7f4cca2
14fc395ad49ae416330b86596c58cfa774d3910503b94a25c51743a35a5a6288
181f0d62049815430c888f34ae443e5da2f467fec12a45739034900704b19940
1914ca42bb572803bbfc1d0b2ace7e247e468872f699b3a2558e3f68cb214844
1d19c0647072dbd720a8d8e258ad8324f845cac4be9a2ac93a27c4455cab5a3f
221ac4f227de741e786e847f2d5afcebe24de035b7a679e89dfa36c85b7a3665
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67
244954d649a7cb8c905c704fa7e221fcf5fc189fbfaaff4e7ec0db7edac29f53
250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e
2dafd41a66e3a50d0a511d822d91f7765230ae59791c2a6ef26f05f2f0cf2cc8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
319cd584d0eafd2b782b2fcd8919d64b7a57286abb0be4dbb7e5b725ce235ef3
320e14c207c17720156533cf7cfffff2f56cf79969781edf13a0cad956fc5ad1
33604784010b143a38317e797c1f06a8a4c131dec70f6fae331713fee0e94e61
33d7c1d4a4aadac92452c101f4eb9103c19e59e352d8e3a1a230abddfc514e42
3402776a33a86697fbb5c364616233576bb1f0d8a79a8fb5577e4de59224c028
3a8350bb64801d45c4d9ace04464d2d87d67c441cb8d63017933f1ad999bd959
3abea25391306b1451ce302c4992af69f1cbf2168fb2b5912e2f7924ef43d871
3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059
3c1724d0e0546a35d6b35d39aad7cc66c49560de978c5e713dd275b81b420bac
3f26811b5f4170494b7a5a22af74cef7086f9952b2db9940b94a9244f2da47ed
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
452d1771c6e4f4a4981f681d311aabb02f3b79661e4b3688293506891c4549ad
48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4d6c9287e830a38a21589c9424279b96eb2cc82e9093fd3518c89fb65d7b6e52
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efe1d16c96feabd364e4d7e76594375fe14baa82f39c3175495e30cad984721
5293b05c3ff1365790debd62d063842f883107d47dfbda18eb4a3a2d9bb52e6a
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f7e93eb9af41dacb3640e502130f3e8d5dcccf476c11ebc311cb81341451c09
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
6f8162b4fca3ecc399476070ceb9db4d66c82121cef7bcc8311ae0cff5b2a654
714eabf112a7176af3e4f3bd78c76674dc5c3fee07291d0146579410b4aa0c00
72827db824ad8a073a5f61ab7deed272e37d21afb47a126fb1520001eb2bbe41
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7350bb75942e413bb52e0bf1d926005900ff9434b508ed4edaa0b0499a1c8102
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7b2fc98d710e1338b207958e7ae3555c4e9bcf287d162ce4192bdb72fb802bd8
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f6be2077fdddaa27b13ec3048929b8d50acae167c9a2e71c5d81457e58d90c7
7f8b8a6213e637edfa0f1384e506a7271dd6d2dde8664cf23f4f2f900cb25448
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83edd49c75612c0bbbf5565072adde4e188adf5d1005ca57ed9582cdd6e445f8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
861e33bb194346138fb50bb859c7573571212e3e1ccd3d1c82e2faac82d5516e
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
8953087e8f4a44b9f406cb4ef4595ee905fe92165d28c13768e6502b334e8cb0
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
902dde5c61e28b2ea557a81ff2d3a2be505654f7a8d74b35c52410f47dc75f66
91a2212c47b6ee6557bff3503bac1d5da5a744a8695e2f3f05483adef1cdd665
96340e7b06de2c9c37747de22f515aff6213f02d40ef448f4f0be8dfaee7b205
9712ef9ac052eae2bda8044101fa925f05aabe2c2f7619b021d1f2925abeb132
994e1f335c8d6049d4ed6cd0e51bc405f6af893be452182cccf92acac046de89
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde
9a77353a63b59450694f568c6e371e3f6baef7e244e5b4f227baa2633809baa8
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a
9d241430f4ee4dc8a5d38e2e0f88a6ae2a27624425c95d8c7865f7e4173cf9ca
9e40a50299d8138104fc0f17767757ff98681929e3a1ed90f38f02e8d8b92efe
a1702fc96ff501076d7b9492d6486f6b76d6bab2f9613059799aec537779aedc
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a6778651eac1e0d1df5841192f65ca92bb80bc7d1a049801ff05a561a10acc83
a8689bc4769f29f00487524be580ccd650408ab934406fd41cb0f614457ae589
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b260b592fc81d39065eed1b5756a3f449b8331e9547a8495db921a3d5484de
b1d24638581b5833b799ae0f4eac192daf1f2530fb04670f7f2ea467b2ee3a3c
b76c15fe6a03e5aed60f3991681a4dcdce745d04051a7816925eac6bb748a9e1
b925b10658e33e914afb403288724c44a82441e1bba11b3112c9e4e560dfe378
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdd478688e31a747306c6c07fe5599b06b045c7f2901b5b9a853c0f4d3565f0b
bee63f2099ff4816beb79cb3e0270d796b7c0438a5b67dcb31392d54ae75e6c9
bf64b24d1e695f8e3c05db08ac114516bf4520b2954d90caf18fa20ba3dc6919
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c40d78f0ecc377f734bb18c439b373bcbf56b270e7dc36881530bd0df8747e00
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c97fa680ab8feab09e2d28bdad2af0e0882e645914192285ed125b45474e9519
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc75abc047c90d66547ba283c5d9a427dce1a03813cb699eadbb7c8dfda4d945
d42596eb04af011a4f008dcd02a138297efc5f6d9d4798f19db15b1b7a2fbd02
d8b1d4dcdcc05db5061f9fb013537608572a60aba2230b47ffa3541fcd6aaeae
db17cf56918857a5318e98e7b3e9a7a9c1938a9f8d30877305ab46c206b126ce
e062d237adcacbc4402ff06a08d4d8405ac89ad7d0a5dfa340b79f5b95f60329
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e24977673fa7e6020ba6a2fee6eeab33de641af9ddf8f44bbe702c67d7494938
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fb5243d8f71436420d15fbf9dbc1b5b2d7b96d1e186d7f24c8a143ae2de492
e61a580a9c77e2d4074d6e4ccfbf54a1185a7d881a75e4148456e1857cfd1a6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3bef51fe56f26bd5e2c23de215cc8b5bfe8bdbe752ac0dff1263f3bf38b5c8f
f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66
f94fefa4e57a913d4369a0ac5bc7dadf6ac6b1b2a8d5c7c38257cb390a80ac01
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fe8b2264b7ef7ae4f5b3ee5fa827b2744a843804a417cc0b39a4f0e9f64f07ed
fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c