www.sandssurprise.com Open in urlscan Pro
13.226.155.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.sandssurprise.com/
Effective URL:
https://www.sandssurprise.com/
Submission: On August 31 via manual (August 31st 2021, 1:22:07 pm UTC) from IN

Summary HTTP 329 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 82 IPs in 8 countries across 90 domains to perform 329 HTTP transactions. The main IP is 13.226.155.38, located in United States and belongs to AMAZON-02, US. The main domain is www.sandssurprise.com.
TLS certificate: Issued by Amazon on April 30th 2021. Valid for: a year.

This is the only time www.sandssurprise.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	13.226.155.38 13.226.155.38	16509 (AMAZON-02) (AMAZON-02)
47	13.226.155.108 13.226.155.108	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	35.169.206.198 35.169.206.198	14618 (AMAZON-AES) (AMAZON-AES)
2 37	209.54.178.82 209.54.178.82	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 4	206.189.187.108 206.189.187.108	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.111.233.93 104.111.233.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2 12	52.8.197.246 52.8.197.246	16509 (AMAZON-02) (AMAZON-02)
2 4	13.224.93.90 13.224.93.90	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:218... 2600:9000:2182:b600:8:e7ba:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:218... 2600:9000:2182:3a00:1d:cf92:a80:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.244.187 104.111.244.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.44.38.222 52.44.38.222	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.121.41 13.32.121.41	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	13.226.155.84 13.226.155.84	16509 (AMAZON-02) (AMAZON-02)
2	18.202.15.91 18.202.15.91	16509 (AMAZON-02) (AMAZON-02)
10	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
5 8	64.158.223.137 64.158.223.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	89.207.16.204 89.207.16.204	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.97.25 18.66.97.25	16509 (AMAZON-02) (AMAZON-02)
11	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.32.121.122 13.32.121.122	16509 (AMAZON-02) (AMAZON-02)
5	23.20.64.84 23.20.64.84	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	18.66.97.36 18.66.97.36	16509 (AMAZON-02) (AMAZON-02)
4 14	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 3	18.169.236.234 18.169.236.234	16509 (AMAZON-02) (AMAZON-02)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
4 12	52.30.146.101 52.30.146.101	16509 (AMAZON-02) (AMAZON-02)
3 3	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.230.211 52.57.230.211	16509 (AMAZON-02) (AMAZON-02)
2 2	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	18.194.158.62 18.194.158.62	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:6562:d53b:a2e7:750a	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	13.224.101.82 13.224.101.82	16509 (AMAZON-02) (AMAZON-02)
1	3.208.250.137 3.208.250.137	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.85.189.129 54.85.189.129	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	35.157.2.63 35.157.2.63	16509 (AMAZON-02) (AMAZON-02)
1	35.170.144.83 35.170.144.83	14618 (AMAZON-AES) (AMAZON-AES)
5 5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	52.44.110.4 52.44.110.4	14618 (AMAZON-AES) (AMAZON-AES)
1	54.74.18.91 54.74.18.91	16509 (AMAZON-02) (AMAZON-02)
2 2	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
4 7	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
3 7	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	13.32.121.33 13.32.121.33	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.143.172 45.79.143.172	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
5 9	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	74.125.206.156 74.125.206.156	15169 (GOOGLE) (GOOGLE)
4 4	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	35.186.236.204 35.186.236.204	15169 (GOOGLE) (GOOGLE)
2	3.227.92.182 3.227.92.182	14618 (AMAZON-AES) (AMAZON-AES)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.248.86.185 34.248.86.185	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.191.66 34.248.191.66	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
4	13.65.210.166 13.65.210.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.66.96.113 18.66.96.113	16509 (AMAZON-02) (AMAZON-02)
3	52.50.64.214 52.50.64.214	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
2	52.138.200.61 52.138.200.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	13.32.118.50 13.32.118.50	16509 (AMAZON-02) (AMAZON-02)
1 2	54.161.241.46 54.161.241.46	14618 (AMAZON-AES) (AMAZON-AES)
1	52.216.113.11 52.216.113.11	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:d78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:219... 2600:9000:2190:5a00:6:245a:1600:21	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.67 13.32.121.67	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6810:bf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1 1	199.127.207.182 199.127.207.182	26120 (RHYTHMONE) (RHYTHMONE)
1	18.209.200.15 18.209.200.15	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.203.60.58 52.203.60.58	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
11 12	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	35.173.167.127 35.173.167.127	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:218... 2600:9000:2182:6a00:18:ee0c:6e00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.21.173.155 23.21.173.155	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	168.61.217.214 168.61.217.214	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
329	82

3 13.226.155.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-38.dus51.r.cloudfront.net

www.sandssurprise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 13.226.155.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-108.dus51.r.cloudfront.net

media.assets.sincrod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wsassets.cobalt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.169.206.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-206-198.compute-1.amazonaws.com

px.marchex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 209.54.178.82 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 206.189.187.108 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn103.acsbapp.com

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.233.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-93.deploy.static.akamaitechnologies.com

c.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.8.197.246 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-197-246.us-west-1.compute.amazonaws.com

dt.cobaltgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dt.admission.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.93.90 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-90.zrh50.r.cloudfront.net

traffic.prod.cobaltgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:b600:8:e7ba:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

universal.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:3a00:1d:cf92:a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.digops.sincro.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.244.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-187.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.38.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-38-222.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-41.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-84.dus51.r.cloudfront.net

services.cdn.speedshiftmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.15.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-15-91.eu-west-1.compute.amazonaws.com

collector-6821.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 64.158.223.137 (Amsterdam, Netherlands) 5 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-usadmm.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.207.16.204 (United States) 3 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-login.dotomi.com

core.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.25 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-122.fra60.r.cloudfront.net

cdn.speedshiftmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.20.64.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-64-84.compute-1.amazonaws.com

app.carnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.36 (United States)

ASN16509 (AMAZON-02, US)

api.speedshiftmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.169.236.234 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-236-234.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.30.146.101 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-146-101.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.215.191 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.230.211 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-230-211.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.47.23 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.158.62 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-158-62.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:6562:d53b:a2e7:750a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.101.82 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-101-82.zrh50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.250.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-250-137.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.189.129 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-189-129.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.2.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-2-63.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.144.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-144-83.compute-1.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.110.4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-110-4.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.18.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-18-91.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.21 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.64.218 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.173.22 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.33 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-33.fra60.r.cloudfront.net

pixel.placed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.143.172 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-02.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.230 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9317774.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

segment-pixel.invitemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.206.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d05 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.236.204 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com

mpp.vindicosuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.227.92.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-92-182.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.86.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-86-185.eu-west-1.compute.amazonaws.com

gm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.191.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

9399534.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.65.210.166 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.mrg.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.50.64.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-64-214.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

generalmotorscorporation.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.138.200.61 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.118.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-50.fra60.r.cloudfront.net

d29f71cuc8ityh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.161.241.46 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-241-46.compute-1.amazonaws.com

plugin.tradepending.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.113.11 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

snap-plugins.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d78 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go.activengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pageview.activengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:5a00:6:245a:1600:21 (United States)

ASN16509 (AMAZON-02, US)

d2dhoetkfll74o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-67.fra60.r.cloudfront.net

cdn.tradepending.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:bf3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.182 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.200.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-200-15.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.60.58 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-60-58.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.109.165 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.14.49 (Frankfurt am Main, Germany) 11 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.173.167.127 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-167-127.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:6a00:18:ee0c:6e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

sd.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.173.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-173-155.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.61.217.214 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mrg-fb.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	sincrod.com media.assets.sincrod.com	4 MB
37	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	27 KB
30	doubleclick.net 15 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net bid.g.doubleclick.net 9317774.fls.doubleclick.net 9399534.fls.doubleclick.net	10 KB
18	google.com 5 redirects www.google.com adservice.google.com	1 KB
13	everesttech.net 12 redirects cm.everesttech.net sync-tm.everesttech.net	3 KB
13	demdex.net 4 redirects dpm.demdex.net gm.demdex.net	16 KB
12	googletagmanager.com www.googletagmanager.com	533 KB
12	cobaltgroup.com 4 redirects dt.cobaltgroup.com traffic.prod.cobaltgroup.com	30 KB
11	google.de www.google.de adservice.google.de	987 B
11	facebook.com www.facebook.com	2 KB
11	quantserve.com secure.quantserve.com pixel.quantserve.com	20 KB
10	googleadservices.com www.googleadservices.com	102 KB
10	mathtag.com 1 redirects pixel.mathtag.com sync.mathtag.com	9 KB
8	dotomi.com 5 redirects login.dotomi.com	4 KB
8	marchex.io px.marchex.io	14 KB
7	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com	7 KB
7	openx.net 4 redirects us-u.openx.net	1 KB
7	adsrvr.org 2 redirects match.adsrvr.org js.adsrvr.org insight.adsrvr.org	5 KB
6	yahoo.com 3 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com sp.analytics.yahoo.com	5 KB
6	adobedtm.com assets.adobedtm.com	95 KB
6	iperceptions.com universal.iperceptions.com api.iperceptions.com sd.iperceptions.com	55 KB
5	cloudfront.net d29f71cuc8ityh.cloudfront.net d2dhoetkfll74o.cloudfront.net	219 KB
5	carnow.com app.carnow.com	14 KB
5	speedshiftmedia.com services.cdn.speedshiftmedia.com cdn.speedshiftmedia.com api.speedshiftmedia.com	15 KB
5	google-analytics.com www.google-analytics.com	20 KB
4	mrg.agency api.mrg.agency	2 KB
4	tribalfusion.com 4 redirects s.tribalfusion.com a.tribalfusion.com	2 KB
4	admission.net dt.admission.net	2 KB
4	casalemedia.com 3 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	3 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com	2 KB
4	rlcdn.com 2 redirects idsync.rlcdn.com	887 B
4	acsbapp.com 1 redirects acsbapp.com cdn.acsbapp.com	157 KB
4	facebook.net connect.facebook.net	288 KB
3	tradepending.com 1 redirects plugin.tradepending.com cdn.tradepending.com	3 KB
3	ipredictive.com 1 redirects ad.ipredictive.com sync.ipredictive.com	3 KB
3	pubmatic.com 2 redirects image6.pubmatic.com image2.pubmatic.com	1 KB
3	rubiconproject.com 1 redirects token.rubiconproject.com pixel.rubiconproject.com	810 B
3	bluekai.com 3 redirects tags.bluekai.com	2 KB
3	agkn.com 1 redirects aa.agkn.com	1 KB
3	bing.com bat.bing.com	9 KB
3	consensu.org 3 redirects core.conversant.mgr.consensu.org	1 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	sandssurprise.com 1 redirects www.sandssurprise.com	78 KB
2	azurewebsites.net mrg-fb.azurewebsites.net	233 B
2	rkdms.com 1 redirects mid.rkdms.com	71 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	navdmp.com 1 redirects navdmp.com cdn.navdmp.com	327 B
2	activengage.com 1 redirects go.activengage.com pageview.activengage.com	21 KB
2	vindicosuite.com 2 redirects mpp.vindicosuite.com	1 KB
2	invitemedia.com 2 redirects segment-pixel.invitemedia.com	392 B
2	tapad.com 2 redirects pixel.tapad.com	930 B
2	semasio.net 2 redirects uipglob.semasio.net	1 KB
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com	738 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	497 B
2	serving-sys.com 1 redirects bs.serving-sys.com lm.serving-sys.com	734 B
2	adform.net 2 redirects c1.adform.net	996 B
2	myvisualiq.net 2 redirects t.myvisualiq.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	657 B
2	bidswitch.net 2 redirects x.bidswitch.net	882 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	turn.com d.turn.com	814 B
2	tvsquared.com collector-6821.tvsquared.com	9 KB
2	sincro.io tag.digops.sincro.io	1 KB
2	quantcount.com rules.quantcount.com	3 KB
2	betrad.com c.betrad.com l.betrad.com	2 KB
1	ipify.org api.ipify.org	245 B
1	postrelease.com jadserve.postrelease.com	427 B
1	scanscout.com 1 redirects dt.scanscout.com	692 B
1	twitter.com analytics.twitter.com	582 B
1	amazonaws.com snap-plugins.s3.amazonaws.com	152 KB
1	omtrdc.net generalmotorscorporation.sc.omtrdc.net	5 KB
1	taboola.com 1 redirects sync.taboola.com	300 B
1	ispot.tv 1 redirects pi.ispot.tv	343 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com	612 B
1	exelator.com loadus.exelator.com	324 B
1	placed.com 1 redirects pixel.placed.com	568 B
1	mookie1.com 1 redirects odr.mookie1.com	600 B
1	samba.tv 1 redirects ads.samba.tv	291 B
1	samplicio.us usersync.samplicio.us	263 B
1	imdb.com 1 redirects www.imdb.com	887 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	762 B
1	zeotap.com spl.zeotap.com	731 B
1	tremorhub.com amazon.partners.tremorhub.com	183 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	484 B
1	googleapis.com fonts.googleapis.com	461 B
1	evidon.com c.evidon.com	907 B
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	cobalt.com wsassets.cobalt.com	8 KB
0	survata.com Failed px.surveywall-api.survata.com Failed
0	ixiaa.com Failed s.ixiaa.com Failed
329	90

	Domain	Requested by
46	media.assets.sincrod.com	www.sandssurprise.com media.assets.sincrod.com wsassets.cobalt.com
37	s.amazon-adsystem.com	2 redirects wsassets.cobalt.com s.amazon-adsystem.com dt.cobaltgroup.com
14	www.google.com	4 redirects 9317774.fls.doubleclick.net 9399534.fls.doubleclick.net
12	sync-tm.everesttech.net	11 redirects
12	dpm.demdex.net	4 redirects assets.adobedtm.com
12	www.googletagmanager.com	www.sandssurprise.com media.assets.sincrod.com www.googletagmanager.com
11	www.facebook.com	connect.facebook.net dt.cobaltgroup.com
10	www.google.de	9317774.fls.doubleclick.net 9399534.fls.doubleclick.net
10	www.googleadservices.com	www.googletagmanager.com 9317774.fls.doubleclick.net 9399534.fls.doubleclick.net www.googleadservices.com
9	pixel.quantserve.com	dt.cobaltgroup.com
9	pixel.mathtag.com	media.assets.sincrod.com pixel.mathtag.com
8	login.dotomi.com	5 redirects www.sandssurprise.com
8	dt.cobaltgroup.com	2 redirects media.assets.sincrod.com dt.cobaltgroup.com
8	px.marchex.io	media.assets.sincrod.com dt.cobaltgroup.com
7	us-u.openx.net	4 redirects dt.cobaltgroup.com
7	googleads.g.doubleclick.net	4 redirects www.googleadservices.com
6	ad.doubleclick.net	4 redirects
6	assets.adobedtm.com	www.googletagmanager.com assets.adobedtm.com
5	cm.g.doubleclick.net	5 redirects
5	app.carnow.com	media.assets.sincrod.com d29f71cuc8ityh.cloudfront.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	d29f71cuc8ityh.cloudfront.net	app.carnow.com www.sandssurprise.com
4	adservice.google.com	1 redirects 9317774.fls.doubleclick.net 9399534.fls.doubleclick.net
4	api.mrg.agency	www.sandssurprise.com
4	dt.admission.net	dt.cobaltgroup.com
4	ib.adnxs.com	2 redirects
4	sync.search.spotxchange.com	3 redirects
4	idsync.rlcdn.com	2 redirects
4	stats.g.doubleclick.net	www.google-analytics.com
4	traffic.prod.cobaltgroup.com	2 redirects
4	connect.facebook.net	wsassets.cobalt.com connect.facebook.net
3	insight.adsrvr.org	js.adsrvr.org
3	secure.adnxs.com	1 redirects
3	9399534.fls.doubleclick.net	1 redirects www.googletagmanager.com
3	9317774.fls.doubleclick.net	1 redirects www.googletagmanager.com
3	s.tribalfusion.com	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	tags.bluekai.com	3 redirects
3	aa.agkn.com	1 redirects dt.cobaltgroup.com
3	api.speedshiftmedia.com	services.cdn.speedshiftmedia.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	core.conversant.mgr.consensu.org	3 redirects
3	universal.iperceptions.com	media.assets.sincrod.com universal.iperceptions.com
3	www.sandssurprise.com	1 redirects media.assets.sincrod.com
2	mrg-fb.azurewebsites.net	www.sandssurprise.com
2	mid.rkdms.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	plugin.tradepending.com	1 redirects media.assets.sincrod.com
2	api.iperceptions.com	universal.iperceptions.com
2	js.adsrvr.org	www.googletagmanager.com insight.adsrvr.org
2	pixel.rubiconproject.com
2	ad.ipredictive.com
2	mpp.vindicosuite.com	2 redirects
2	sp.analytics.yahoo.com	dt.cobaltgroup.com
2	bid.g.doubleclick.net
2	segment-pixel.invitemedia.com	2 redirects
2	cdn.acsbapp.com	acsbapp.com
2	image6.pubmatic.com	2 redirects
2	pixel.tapad.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	c1.adform.net	2 redirects
2	t.myvisualiq.net	2 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	2 redirects
2	match.adsrvr.org	2 redirects
2	sync.1rx.io	2 redirects
2	d.turn.com	dt.cobaltgroup.com
2	collector-6821.tvsquared.com	www.sandssurprise.com
2	tag.digops.sincro.io
2	rules.quantcount.com	secure.quantserve.com
2	acsbapp.com	1 redirects
2	secure.quantserve.com	wsassets.cobalt.com www.sandssurprise.com
1	adservice.google.de
1	api.ipify.org	www.sandssurprise.com
1	sd.iperceptions.com	universal.iperceptions.com
1	image2.pubmatic.com
1	sync.ipredictive.com	1 redirects
1	jadserve.postrelease.com
1	dt.scanscout.com	1 redirects
1	analytics.twitter.com
1	cdn.navdmp.com
1	navdmp.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cdn.tradepending.com
1	d2dhoetkfll74o.cloudfront.net	d29f71cuc8ityh.cloudfront.net
1	pageview.activengage.com
1	go.activengage.com	1 redirects
1	snap-plugins.s3.amazonaws.com
1	generalmotorscorporation.sc.omtrdc.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	gm.demdex.net	assets.adobedtm.com
1	a.tribalfusion.com	1 redirects
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	pixel.placed.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	beacon.krxd.net	s.amazon-adsystem.com
1	usermatch.krxd.net	1 redirects
1	lm.serving-sys.com	s.amazon-adsystem.com
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	spl.zeotap.com	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	sync.targeting.unrulymedia.com	1 redirects
1	cdn.speedshiftmedia.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	services.cdn.speedshiftmedia.com	www.googletagmanager.com
1	fonts.googleapis.com	media.assets.sincrod.com
1	script.hotjar.com	static.hotjar.com
1	l.betrad.com
1	c.evidon.com
1	c.betrad.com	www.sandssurprise.com
1	static.hotjar.com	wsassets.cobalt.com
1	cdnjs.cloudflare.com	www.sandssurprise.com
1	wsassets.cobalt.com	www.sandssurprise.com
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
0	s.ixiaa.com Failed
329	127

This site contains links to these domains. Also see Links.

Domain
www.sell2sands.com
accessories.gm.com
sites.hireology.com
www.google.com
twitter.com
www.yelp.com
www.instagram.com
www.dealerrater.com
www.youtube.com
www.facebook.com
local.yahoo.com
www.bing.com
info.evidon.com
accessibe.com

Subject Issuer	Validity	Valid
sandssurprise.com Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh
*.assets.sincrod.com Amazon	`2021-06-20` - `2022-07-19`	a year	crt.sh
*.cobalt.com Amazon	`2021-03-20` - `2022-04-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.marchex.io Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.acsbapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-05` - `2021-10-05`	a year	crt.sh
*.betrad.com DigiCert SHA2 Secure Server CA	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.admission.net Amazon	`2020-10-15` - `2021-11-13`	a year	crt.sh
traffic.prod.cobaltgroup.com Amazon	`2021-03-25` - `2022-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.iperceptions.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh
*.digops.sincro.io Amazon	`2020-10-22` - `2021-11-20`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.evidon.com DigiCert SHA2 Secure Server CA	`2021-05-30` - `2022-06-08`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.speedshiftmedia.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.tvsquared.com Amazon	`2021-08-31` - `2022-09-29`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.carnow.com Go Daddy Secure Certificate Authority - G2	`2020-01-14` - `2022-02-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.samplicio.us Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
lm.serving-sys.com Amazon	`2020-12-29` - `2022-01-27`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.ipredictive.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.mrg.agency DigiCert TLS RSA SHA256 2020 CA1	`2020-12-04` - `2021-12-06`	a year	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
activengage.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
plugin.tradepending.com R3	`2021-07-18` - `2021-10-16`	3 months	crt.sh
cdn.tradepending.com Amazon	`2020-10-15` - `2021-11-14`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.rkdms.com Entrust Certification Authority - L1K	`2020-10-08` - `2021-10-30`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.sandssurprise.com/
Frame ID: 5755848D02EA7F86116179A317FF6AD4
Requests: 238 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dcdd4df1b-a42a-c19e-31b8-ca1670a58a4f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.sandssurprise.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3DCDD4DF1B-A42A-C19E-31B8-CA1670A58A4F&cb=423643020593420740&dcc=t
Frame ID: 708983CBF31610937AA610577B120260
Requests: 1 HTTP requests in this frame

Frame: https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Chevrolet&dealer_id=256053&dealer_name=Sands+Chevrolet+-+Surprise&dtm_user_id=F0C51826C1BD9385CC097807523A7959&page_type=HomePage&canonical_url=https%3A%2F%2Fwww.sandssurprise.com%2F&dtmc_loc=https%3A%2F%2Fwww.sandssurprise.com%2F&dtm_user_ip=89.249.64.203&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.sandssurprise.com%2F&gdpr_consent=
Frame ID: 92183F94D70370082B42ABFAAA7C3606
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 708AA6727C31D9F97ADF8D2A2E7E13C6
Requests: 1 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: C45EDEF37EB985B044AD051860B81D12
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=662c612e-2cee-4f00-afee-8f3cd034acbe&no_iframe=1&mt_adid=157853&source=mathtag
Frame ID: 7F851FAE70D99EFF34A4CEBC4A757182
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=hbAIZFE9Tf2ihm4ODbNCPw&ep=S4PNcDHn_OfuF1P5nET4mjoVrmzxNjSrMsKYEzfyHr0qrr5epVNM6kpTjDR8JmZPBnGSttxmNvXIQmguk4Yed8AqkvNfUxVG65HZE0bKl0k
Frame ID: 24E660ED014615F15340E1A6EF8602CD
Requests: 38 HTTP requests in this frame

Frame: https://gm.demdex.net/dest5.html?d_nsid=0
Frame ID: CCB5591BFE2D9A462AED87160EB841A8
Requests: 19 HTTP requests in this frame

Frame: https://9317774.fls.doubleclick.net/activityi;dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u1=www.sandssurprise.com;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F
Frame ID: FF2AEED382C8A09B0D6DC3C0A301F6BA
Requests: 10 HTTP requests in this frame

Frame: https://9399534.fls.doubleclick.net/activityi;dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u10=256053;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F
Frame ID: C193D28548B0E2AA47A5466BAF5183B6
Requests: 10 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=pmijyo9&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&upid=evpjlkj&upv=1.1.0&td1=256053&td2=https://www.sandssurprise.com/&td3=www.sandssurprise.com
Frame ID: 7B228DD844372B65D7997DE7EA90A366
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ebpumhx&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&upid=wqk15ah&upv=1.1.0&td1=256053&td2=https://www.sandssurprise.com/&td3=www.sandssurprise.com
Frame ID: 379075F3A8F636F9B953B0DAF3510F59
Requests: 1 HTTP requests in this frame

Frame: https://app.carnow.com/chat/live?key=gmps-sands-chev&uvid=3850a085-3c2a-4f6e-ad1b-13fa4fb57d58&xdm_e=https%3A%2F%2Fwww.sandssurprise.com&xdm_c=default5751&xdm_p=1
Frame ID: 5C91CA2AF98898BCB3A0EB7D8ABC8AFE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sands Chevrolet - Surprise | Arizona Chevy Dealer Serving Peoria, Avondale & Phoenix

Page URL History Show full URLs

http://www.sandssurprise.com/ HTTP 301
https://www.sandssurprise.com/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

329
Requests

96 %
HTTPS

24 %
IPv6

90
Domains

127
Subdomains

82
IPs

8
Countries

5926 kB
Transfer

12961 kB
Size

1
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sell2sands.com/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://accessories.gm.com/sandsglendale?bac=114685&cs:a:i=t3_nav_service&cs:r:v=&cs:s=gmps-sands-chev
Title: Chevrolet Accessories

Search URL Search Domain Scan URL

URL: https://sites.hireology.com/sandschevroletsurprise/
Title: Employment

Search URL Search Domain Scan URL

URL: http://www.google.com/maps/search/Sands%20Chevrolet%20-%20Surprise/@33.60983,-112.42664,16z
Title: Directions

Search URL Search Domain Scan URL

URL: https://twitter.com/SandsInSurprise
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.yelp.com/biz/sands-chevrolet-surprise-surprise
Title: Yelp

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sandssurprise/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.dealerrater.com/dealer/Sands-Chevrolet-Surprise-review-28085/
Title: Dealerrater

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCeyWHi1sIv2HmQm28A7IS9A
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SandsChevroletSurprise
Title: Facebook

Search URL Search Domain Scan URL

URL: https://local.yahoo.com/info-50637148-sands-chevrolet-surprise
Title: Yahoolocal

Search URL Search Domain Scan URL

URL: https://www.bing.com/local/?lid=YN65x203706623
Title: Binglocal

Search URL Search Domain Scan URL

URL: https://info.evidon.com/pub_info/22486?v=1&nt=0&nw=false
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility Solution By accessiBe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.sandssurprise.com/ HTTP 301
https://www.sandssurprise.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dcdd4df1b-a42a-c19e-31b8-ca1670a58a4f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.sandssurprise.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3DCDD4DF1B-A42A-C19E-31B8-CA1670A58A4F&cb=423643020593420740 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dcdd4df1b-a42a-c19e-31b8-ca1670a58a4f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.sandssurprise.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3DCDD4DF1B-A42A-C19E-31B8-CA1670A58A4F&cb=423643020593420740&dcc=t

Request Chain 49

https://acsbapp.com/apps/app/assets/js/acsb.js HTTP 301
https://acsbapp.com/apps/app/dist/js/app.js

Request Chain 55

https://traffic.prod.cobaltgroup.com/websites.gif?header_request_domain=www.sandssurprise.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=HomePage|Advantage&header_request_uri=%2F&header_visitor_id=F0C51826C1BD9385CC097807523A7959&header_event_id=eb939c80265f10068136080020f0176c316602445322&header_session_id=F0C51826C1BD9385CC097807523A7959&header_site_id=46d9f4a0c1de100480a700146edef7ee&cs:plt=3610&cs:svrt=723&cs:ttfb=882&cs:loc=en_US&cs:theme=dcw-design-magic&cs:zip=85388-9602&cs:s=gmps-sands-chev&cs:userState=loggedOut&cs:checksum=1 HTTP 301
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=http%253a%252f%252ftraffic.prod.cobaltgroup.com%252fwebsites.gif%253fcs%253agvid%253d%255bdtuid%255d%2526header_request_domain%253dwww.sandssurprise.com%2526header_page_name%253dHomePage%2526header_page_label%253dHomePage%2526header_page_layout%253dHomePage%257cAdvantage%2526header_request_uri%253d%25252F%2526header_visitor_id%253dF0C51826C1BD9385CC097807523A7959%2526header_event_id%253deb939c80265f10068136080020f0176c316602445322%2526header_session_id%253dF0C51826C1BD9385CC097807523A7959%2526header_site_id%253d46d9f4a0c1de100480a700146edef7ee%2526cs%253aplt%253d3610%2526cs%253asvrt%253d723%2526cs%253attfb%253d882%2526cs%253aloc%253den_US%2526cs%253atheme%253ddcw-design-magic%2526cs%253azip%253d85388-9602%2526cs%253as%253dgmps-sands-chev%2526cs%253auserState%253dloggedOut%2526cs%253achecksum%253d1&uid=F0C51826C1BD9385CC097807523A7959&uidindex=ws HTTP 302
https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1630416110620755900&header_request_domain=www.sandssurprise.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=HomePage|Advantage&header_request_uri=%2F&header_visitor_id=F0C51826C1BD9385CC097807523A7959&header_event_id=eb939c80265f10068136080020f0176c316602445322&header_session_id=F0C51826C1BD9385CC097807523A7959&header_site_id=46d9f4a0c1de100480a700146edef7ee&cs:plt=3610&cs:svrt=723&cs:ttfb=882&cs:loc=en_US&cs:theme=dcw-design-magic&cs:zip=85388-9602&cs:s=gmps-sands-chev&cs:userState=loggedOut&cs:checksum=1

Request Chain 63

https://traffic.prod.cobaltgroup.com/w.gif?cs:ev=eb939c80265f10068136080020f0176c316602445322&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-sands-chev&cs:si=46d9f4a0c1de100480a700146edef7ee&cs:ssi=F0C51826C1BD9385CC097807523A7959&cs:vi=F0C51826C1BD9385CC097807523A7959&cs:theme=dcw-design-magic&cs:wt=card-header-bc8294d3-6386-4b3f-8e35-40c65dafb647,,0,0,0,1600,167,63,0,0&cs:wt=card-Search%20New-c6b6893d-072f-4627-a6f1-187bdc3f66ef,,0,20,123,135,44,64,0,0&cs:wt=card-navigationCMSf948a313-9d1b9988-22b0-490f-bf0a-d21ac3b5ecf1_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,64,0,0&cs:wt=card-navigationModelInventory7fc19bb0-82073f6d-4864-4a9e-9e90-0fd13a9ec8a8_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,65,0,0&cs:wt=card-Pre-Owned-714e4c7d-9204-444a-926c-5e4d41337d0c,,0,155,123,130,44,65,0,0&cs:wt=card-navigationModelInventory4282e8bc-cb1cb738-281e-4ce9-8372-4316541b66b6_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,65,0,0&cs:wt=card-Specials-b72b6680-bd70-494c-8fe1-9a46d0504e52,,0,285,123,113,44,65,0,0&cs:wt=card-Finance-8b01817f-11ff-4843-9b9b-672a310e2009,,0,398,123,106,44,64,0,0&cs:wt=card-Service%20%26%20Parts-73987331-1792-4676-a152-79174783c3ed,,0,504,123,162,44,64,0,0&cs:wt=card-About%20Us-4727225a-6ae7-468e-8c46-92d7d4e7a1ba,,0,666,123,114,44,64,0,0&cs:wt=card-Sell%20to%20Sands-9538f67c-7ed3-4f94-88fd-1bc4b94ea9e5,,0,780,123,128,44,64,0,0&cs:wt=card-aboutMessageCard-73f203f3-254f-4609-941e-9eadc554a0f3,,0,0,168,1600,3485,18,0,0&cs:wt=card-aboutMessageCard-655d0bf4-250e-4cb0-bb20-c000bd1f4cdc,,0,0,168,1600,339,64,0,0&cs:wt=card-genericCard-dd795a26-e3ff-448a-ae74-2b1a5c156c90,,0,0,168,1600,60,64,0,0&cs:wt=card-aboutMessageCard-d9eb9d6f-f0b8-44b2-8488-ed6444691c2a,,0,0,228,1600,279,64,0,0&cs:wt=card-aboutMessageCard-e1466544-9c44-4acf-baae-53e348d45e4d,,0,0,507.328125,1600,104,64,0,0&cs:wt=card-genericCard-52966ade-0481-4609-99ef-fa8c64792e87,,0,0,611.328125,1600,282,50,0,0&cs:wt=card-keywordSearch-c08759b5-14da-40fd-a14c-2af9f122501f,,0,0,714.328125,1600,211,63,0,0&cs:wt=card-InventorySearch-ff53fbd9-55ee-4809-b0d1-3d310b25ce68,,0,0,0,1600,0,51,0,0&cs:wt=card-whyBuyCard-ec8b2984-5af4-4cfa-bbc5-d6d4588f15bd,,0,0,941.328125,1600,678,51,0,0&cs:wt=card-whyBuyCard-c3ca0f29-0d62-409a-90b8-6de868db3ca5,,0,0,0,100,0,50,0,0&cs:wt=card-whyBuyCard-ed80bbf4-2be2-4883-90a1-e207810b4413,,0,0,0,100,0,49,0,0&cs:wt=card-whyBuyCard-28928f68-289f-42b8-ba5f-307119dcd80c,,0,0,1619.421875,1600,590,33,0,0&cs:wt=card-aboutMessageCard-2e3d19f1-2dd4-4e9b-b3db-134e4e9f7783,,0,0,1905.421875,1600,304,33,0,0&cs:wt=card-aboutMessageCard-3027ef63-5236-4358-a674-80a8be5ec6cd,,0,0,0,1600,417,42,0,0&cs:wt=card-aboutMessageCard-7fb1ac93-b8ad-4e00-b5f1-7f1028b1c88d,,0,0,0,100,0,42,0,0&cs:wt=card-aboutMessageCard-c0b08b43-6c1f-4cd2-921d-a9d3ead8e356,,0,0,0,1600,207,38,0,0&cs:wt=card-aboutMessageCard-98fd4d6f-c573-4bc3-ba97-0994df1e0dc7,,0,0,0,100,0,38,0,0&cs:wt=card-aboutMessageCard-b2b2e2db-0d1f-4911-84d7-031ba1f3b3ea,,0,0,0,1600,207,36,0,0&cs:wt=card-aboutMessageCard-c5c55002-7de2-4879-9d5c-af401348c300,,0,0,2677.21875,1600,305,29,0,0&cs:wt=card-aboutMessageCard-5fb090ad-5195-47a0-a577-eac89ba36710-2,,0,0,0,1472,254,31,0,0&cs:wt=card-aboutMessageCard-5fb090ad-5195-47a0-a577-eac89ba36710-3,,0,0,0,1472,254,29,0,0&cs:wt=card-heroCard-6240c903-7f13-4987-9679-618b7e0f9c64,,0,0,3460.96875,1600,115,22,0,0&cs:wt=card-promotionCard-143abe81-9218-4789-a442-87db3c6367f0-0,,0,0,0,1120,115,26,0,0&cs:wt=card-promotionCard-143abe81-9218-4789-a442-87db3c6367f0-1,,0,0,0,1120,115,22,0,0&cs:wt=card-footer-c2320f19-a4be-4e07-a215-57bce36d30a9,,0,0,3652.96875,1600,589,16,0,0&cs:w=1600,1200,142&cs:vs=&cs:checksum=1 HTTP 301
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=http%3a%2f%2ftraffic.prod.cobaltgroup.com%2fw.gif%3fcs%3agvid%3d%5bdtuid%5d%26cs%3aev%3deb939c80265f10068136080020f0176c316602445322%26cs%3apg%3dHomePage%26cs%3aplb%3dHomePage%26cs%3aply%3dHomePage_flex%26cs%3as%3dgmps-sands-chev%26cs%3asi%3d46d9f4a0c1de100480a700146edef7ee%26cs%3assi%3dF0C51826C1BD9385CC097807523A7959%26cs%3avi%3dF0C51826C1BD9385CC097807523A7959%26cs%3atheme%3ddcw-design-magic%26cs%3awt%3dcard-header-bc8294d3-6386-4b3f-8e35-40c65dafb647%2c%2c0%2c0%2c0%2c1600%2c167%2c63%2c0%2c0%26cs%3awt%3dcard-Search%2520New-c6b6893d-072f-4627-a6f1-187bdc3f66ef%2c%2c0%2c20%2c123%2c135%2c44%2c64%2c0%2c0%26cs%3awt%3dcard-navigationCMSf948a313-9d1b9988-22b0-490f-bf0a-d21ac3b5ecf1_67366894-6db7-43fe-b86b-e61c242031ae%2c%2c0%2c0%2c0%2c100%2c100%2c64%2c0%2c0%26cs%3awt%3dcard-navigationModelInventory7fc19bb0-82073f6d-4864-4a9e-9e90-0fd13a9ec8a8_67366894-6db7-43fe-b86b-e61c242031ae%2c%2c0%2c0%2c0%2c100%2c100%2c65%2c0%2c0%26cs%3awt%3dcard-Pre-Owned-714e4c7d-9204-444a-926c-5e4d41337d0c%2c%2c0%2c155%2c123%2c130%2c44%2c65%2c0%2c0%26cs%3awt%3dcard-navigationModelInventory4282e8bc-cb1cb738-281e-4ce9-8372-4316541b66b6_67366894-6db7-43fe-b86b-e61c242031ae%2c%2c0%2c0%2c0%2c100%2c100%2c65%2c0%2c0%26cs%3awt%3dcard-Specials-b72b6680-bd70-494c-8fe1-9a46d0504e52%2c%2c0%2c285%2c123%2c113%2c44%2c65%2c0%2c0%26cs%3awt%3dcard-Finance-8b01817f-11ff-4843-9b9b-672a310e2009%2c%2c0%2c398%2c123%2c106%2c44%2c64%2c0%2c0%26cs%3awt%3dcard-Service%2520%2526%2520Parts-73987331-1792-4676-a152-79174783c3ed%2c%2c0%2c504%2c123%2c162%2c44%2c64%2c0%2c0%26cs%3awt%3dcard-About%2520Us-4727225a-6ae7-468e-8c46-92d7d4e7a1ba%2c%2c0%2c666%2c123%2c114%2c44%2c64%2c0%2c0%26cs%3awt%3dcard-Sell%2520to%2520Sands-9538f67c-7ed3-4f94-88fd-1bc4b94ea9e5%2c%2c0%2c780%2c123%2c128%2c44%2c64%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-73f203f3-254f-4609-941e-9eadc554a0f3%2c%2c0%2c0%2c168%2c1600%2c3485%2c18%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-655d0bf4-250e-4cb0-bb20-c000bd1f4cdc%2c%2c0%2c0%2c168%2c1600%2c339%2c64%2c0%2c0%26cs%3awt%3dcard-genericCard-dd795a26-e3ff-448a-ae74-2b1a5c156c90%2c%2c0%2c0%2c168%2c1600%2c60%2c64%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-d9eb9d6f-f0b8-44b2-8488-ed6444691c2a%2c%2c0%2c0%2c228%2c1600%2c279%2c64%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-e1466544-9c44-4acf-baae-53e348d45e4d%2c%2c0%2c0%2c507.328125%2c1600%2c104%2c64%2c0%2c0%26cs%3awt%3dcard-genericCard-52966ade-0481-4609-99ef-fa8c64792e87%2c%2c0%2c0%2c611.328125%2c1600%2c282%2c50%2c0%2c0%26cs%3awt%3dcard-keywordSearch-c08759b5-14da-40fd-a14c-2af9f122501f%2c%2c0%2c0%2c714.328125%2c1600%2c211%2c63%2c0%2c0%26cs%3awt%3dcard-InventorySearch-ff53fbd9-55ee-4809-b0d1-3d310b25ce68%2c%2c0%2c0%2c0%2c1600%2c0%2c51%2c0%2c0%26cs%3awt%3dcard-whyBuyCard-ec8b2984-5af4-4cfa-bbc5-d6d4588f15bd%2c%2c0%2c0%2c941.328125%2c1600%2c678%2c51%2c0%2c0%26cs%3awt%3dcard-whyBuyCard-c3ca0f29-0d62-409a-90b8-6de868db3ca5%2c%2c0%2c0%2c0%2c100%2c0%2c50%2c0%2c0%26cs%3awt%3dcard-whyBuyCard-ed80bbf4-2be2-4883-90a1-e207810b4413%2c%2c0%2c0%2c0%2c100%2c0%2c49%2c0%2c0%26cs%3awt%3dcard-whyBuyCard-28928f68-289f-42b8-ba5f-307119dcd80c%2c%2c0%2c0%2c1619.421875%2c1600%2c590%2c33%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-2e3d19f1-2dd4-4e9b-b3db-134e4e9f7783%2c%2c0%2c0%2c1905.421875%2c1600%2c304%2c33%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-3027ef63-5236-4358-a674-80a8be5ec6cd%2c%2c0%2c0%2c0%2c1600%2c417%2c42%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-7fb1ac93-b8ad-4e00-b5f1-7f1028b1c88d%2c%2c0%2c0%2c0%2c100%2c0%2c42%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-c0b08b43-6c1f-4cd2-921d-a9d3ead8e356%2c%2c0%2c0%2c0%2c1600%2c207%2c38%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-98fd4d6f-c573-4bc3-ba97-0994df1e0dc7%2c%2c0%2c0%2c0%2c100%2c0%2c38%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-b2b2e2db-0d1f-4911-84d7-031ba1f3b3ea%2c%2c0%2c0%2c0%2c1600%2c207%2c36%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-c5c55002-7de2-4879-9d5c-af401348c300%2c%2c0%2c0%2c2677.21875%2c1600%2c305%2c29%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-5fb090ad-5195-47a0-a577-eac89ba36710-2%2c%2c0%2c0%2c0%2c1472%2c254%2c31%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-5fb090ad-5195-47a0-a577-eac89ba36710-3%2c%2c0%2c0%2c0%2c1472%2c254%2c29%2c0%2c0%26cs%3awt%3dcard-heroCard-6240c903-7f13-4987-9679-618b7e0f9c64%2c%2c0%2c0%2c3460.96875%2c1600%2c115%2c22%2c0%2c0%26cs%3awt%3dcard-promotionCard-143abe81-9218-4789-a442-87db3c6367f0-0%2c%2c0%2c0%2c0%2c1120%2c115%2c26%2c0%2c0%26cs%3awt%3dcard-promotionCard-143abe81-9218-4789-a442-87db3c6367f0-1%2c%2c0%2c0%2c0%2c1120%2c115%2c22%2c0%2c0%26cs%3awt%3dcard-footer-c2320f19-a4be-4e07-a215-57bce36d30a9%2c%2c0%2c0%2c3652.96875%2c1600%2c589%2c16%2c0%2c0%26cs%3aw%3d1600%2c1200%2c142%26cs%3avs%3d%26cs%3achecksum%3d1&uid=F0C51826C1BD9385CC097807523A7959&uidindex=ws HTTP 302
https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1630416110620755900&cs:ev=eb939c80265f10068136080020f0176c316602445322&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-sands-chev&cs:si=46d9f4a0c1de100480a700146edef7ee&cs:ssi=F0C51826C1BD9385CC097807523A7959&cs:vi=F0C51826C1BD9385CC097807523A7959&cs:theme=dcw-design-magic&cs:wt=card-header-bc8294d3-6386-4b3f-8e35-40c65dafb647,,0,0,0,1600,167,63,0,0&cs:wt=card-Search%20New-c6b6893d-072f-4627-a6f1-187bdc3f66ef,,0,20,123,135,44,64,0,0&cs:wt=card-navigationCMSf948a313-9d1b9988-22b0-490f-bf0a-d21ac3b5ecf1_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,64,0,0&cs:wt=card-navigationModelInventory7fc19bb0-82073f6d-4864-4a9e-9e90-0fd13a9ec8a8_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,65,0,0&cs:wt=card-Pre-Owned-714e4c7d-9204-444a-926c-5e4d41337d0c,,0,155,123,130,44,65,0,0&cs:wt=card-navigationModelInventory4282e8bc-cb1cb738-281e-4ce9-8372-4316541b66b6_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,65,0,0&cs:wt=card-Specials-b72b6680-bd70-494c-8fe1-9a46d0504e52,,0,285,123,113,44,65,0,0&cs:wt=card-Finance-8b01817f-11ff-4843-9b9b-672a310e2009,,0,398,123,106,44,64,0,0&cs:wt=card-Service%20&%20Parts-73987331-1792-4676-a152-79174783c3ed,,0,504,123,162,44,64,0,0&cs:wt=card-About%20Us-4727225a-6ae7-468e-8c46-92d7d4e7a1ba,,0,666,123,114,44,64,0,0&cs:wt=card-Sell%20to%20Sands-9538f67c-7ed3-4f94-88fd-1bc4b94ea9e5,,0,780,123,128,44,64,0,0&cs:wt=card-aboutMessageCard-73f203f3-254f-4609-941e-9eadc554a0f3,,0,0,168,1600,3485,18,0,0&cs:wt=card-aboutMessageCard-655d0bf4-250e-4cb0-bb20-c000bd1f4cdc,,0,0,168,1600,339,64,0,0&cs:wt=card-genericCard-dd795a26-e3ff-448a-ae74-2b1a5c156c90,,0,0,168,1600,60,64,0,0&cs:wt=card-aboutMessageCard-d9eb9d6f-f0b8-44b2-8488-ed6444691c2a,,0,0,228,1600,279,64,0,0&cs:wt=card-aboutMessageCard-e1466544-9c44-4acf-baae-53e348d45e4d,,0,0,507.328125,1600,104,64,0,0&cs:wt=card-genericCard-52966ade-0481-4609-99ef-fa8c64792e87,,0,0,611.328125,1600,282,50,0,0&cs:wt=card-keywordSearch-c08759b5-14da-40fd-a14c-2af9f122501f,,0,0,714.328125,1600,211,63,0,0&cs:wt=card-InventorySearch-ff53fbd9-55ee-4809-b0d1-3d310b25ce68,,0,0,0,1600,0,51,0,0&cs:wt=card-whyBuyCard-ec8b2984-5af4-4cfa-bbc5-d6d4588f15bd,,0,0,941.328125,1600,678,51,0,0&cs:wt=card-whyBuyCard-c3ca0f29-0d62-409a-90b8-6de868db3ca5,,0,0,0,100,0,50,0,0&cs:wt=card-whyBuyCard-ed80bbf4-2be2-4883-90a1-e207810b4413,,0,0,0,100,0,49,0,0&cs:wt=card-whyBuyCard-28928f68-289f-42b8-ba5f-307119dcd80c,,0,0,1619.421875,1600,590,33,0,0&cs:wt=card-aboutMessageCard-2e3d19f1-2dd4-4e9b-b3db-134e4e9f7783,,0,0,1905.421875,1600,304,33,0,0&cs:wt=card-aboutMessageCard-3027ef63-5236-4358-a674-80a8be5ec6cd,,0,0,0,1600,417,42,0,0&cs:wt=card-aboutMessageCard-7fb1ac93-b8ad-4e00-b5f1-7f1028b1c88d,,0,0,0,100,0,42,0,0&cs:wt=card-aboutMessageCard-c0b08b43-6c1f-4cd2-921d-a9d3ead8e356,,0,0,0,1600,207,38,0,0&cs:wt=card-aboutMessageCard-98fd4d6f-c573-4bc3-ba97-0994df1e0dc7,,0,0,0,100,0,38,0,0&cs:wt=card-aboutMessageCard-b2b2e2db-0d1f-4911-84d7-031ba1f3b3ea,,0,0,0,1600,207,36,0,0&cs:wt=card-aboutMessageCard-c5c55002-7de2-4879-9d5c-af401348c300,,0,0,2677.21875,1600,305,29,0,0&cs:wt=card-aboutMessageCard-5fb090ad-5195-47a0-a577-eac89ba36710-2,,0,0,0,1472,254,31,0,0&cs:wt=card-aboutMessageCard-5fb090ad-5195-47a0-a577-eac89ba36710-3,,0,0,0,1472,254,29,0,0&cs:wt=card-heroCard-6240c903-7f13-4987-9679-618b7e0f9c64,,0,0,3460.96875,1600,115,22,0,0&cs:wt=card-promotionCard-143abe81-9218-4789-a442-87db3c6367f0-0,,0,0,0,1120,115,26,0,0&cs:wt=card-promotionCard-143abe81-9218-4789-a442-87db3c6367f0-1,,0,0,0,1120,115,22,0,0&cs:wt=card-footer-c2320f19-a4be-4e07-a215-57bce36d30a9,,0,0,3652.96875,1600,589,16,0,0&cs:w=1600,1200,142&cs:vs=&cs:checksum=1

Request Chain 84

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Chevrolet&dealer_id=256053&dealer_name=Sands%20Chevrolet%20-%20Surprise&dtm_user_id=F0C51826C1BD9385CC097807523A7959&page_type=HomePage&vehicle_body_style=&vehicle_make=&vehicle_model=&vehicle_model_year=&vehicle_trim=&vehicle_color=&vehicle_condition=&vehicle_price=&vehicle_options=&vehicle_vin=&canonical_url=https%3A%2F%2Fwww.sandssurprise.com%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.sandssurprise.com%2F&fpc_status= HTTP 302
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_fid%3D176%26dtm_cid%3D2925%26dtm_cmagic%3Dac34ae%26dtm_format%3D5%26cli_promo_id%3D10%26dealer_brand%3DChevrolet%26dealer_id%3D256053%26dealer_name%3DSands%2BChevrolet%2B-%2BSurprise%26dtm_user_id%3DF0C51826C1BD9385CC097807523A7959%26page_type%3DHomePage%26canonical_url%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%26dtmc_loc%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%26dtm_user_ip%3D89.249.64.203%26dtm_user_agent%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F92.0.4515.159%2BSafari%252F537.36%26dtm_referrer%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%26gdpr_consent%3D HTTP 302
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Chevrolet&dealer_id=256053&dealer_name=Sands+Chevrolet+-+Surprise&dtm_user_id=F0C51826C1BD9385CC097807523A7959&page_type=HomePage&canonical_url=https%3A%2F%2Fwww.sandssurprise.com%2F&dtmc_loc=https%3A%2F%2Fwww.sandssurprise.com%2F&dtm_user_ip=89.249.64.203&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.sandssurprise.com%2F&gdpr_consent=

Request Chain 143

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=889dny99999cG08C

Request Chain 144

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=164851003895000228453&ex=neustar.biz

Request Chain 145

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7591941415 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7591941415 HTTP 302
https://sync.1rx.io/usersync/tradedesk/58725a25-6d1b-4f33-8b9e-517b3fd30a31 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5405c72b-af2f-41ee-8dd5-8b1826f8009e-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-5405c72b-af2f-41ee-8dd5-8b1826f8009e-003%26ex%3Drhythmone.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=RX-5405c72b-af2f-41ee-8dd5-8b1826f8009e-003&ex=rhythmone.com

Request Chain 146

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=d31e3d462c52f7f68c001d348fb6ee00

Request Chain 147

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=e0kewy99999cG08C

Request Chain 148

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP66d10350-0a5e-11ec-8b63-02dacf6e1626 HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP66d10350-0a5e-11ec-8b63-02dacf6e1626&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?id=b10c543ea12077f6056c49af3c247fbf460fb927&ex=aoldisplay.com

Request Chain 149

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=50813806-02ff-494a-b41c-df781a67c1cd

Request Chain 153

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=82d3956bbe4aecebcfc9c162dd9d463&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 154

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 156

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e14518125f2e269f

Request Chain 157

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=AZlsCw1VRLeD37XBfocwlQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=63155242177322213284326113704636582218

Request Chain 158

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=yskDbpWnQdmv4cbzwwoLQA HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10813213075246993409&gdpr=&gdpr_consent=

Request Chain 160

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6377616941427298700

Request Chain 161

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=6744d9dd-0a5e-11ec-b9d0-12e2ec150406 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=6744d9a6-0a5e-11ec-b9d0-12e2ec150406

Request Chain 162

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2246b0c50a-1bfa-4f3e-a935-74fc656a12f3%22,%22Time%22:%2220210831T092151.760728%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEDp0xciLH_FAh-6Y88bXNhs&google_cver=1

Request Chain 164

https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

Request Chain 165

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f8b0dc429942a1eba2d336c67b014411

Request Chain 166

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=65cdd089-8bee-ca86-0e21-ee27823332d8

Request Chain 167

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KHwbw_40RVThOrWFkndmPjc4dPg4ZgAC

Request Chain 168

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C8114215E3F50052

Request Chain 169

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8933008340622098064&ex=appnexus.com

Request Chain 170

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=Ne67rCUmAQq4KW8AJALfEA&ex=rubiconproject.com&status=ok

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=hbAIZFE9Tf2ihm4ODbNCPw& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 172

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-32da5e7b-c2d0-4044-8d84-53bb5fef7105&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-32da5e7b-c2d0-4044-8d84-53bb5fef7105 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-32da5e7b-c2d0-4044-8d84-53bb5fef7105&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-32da5e7b-c2d0-4044-8d84-53bb5fef7105 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-32da5e7b-c2d0-4044-8d84-53bb5fef7105

Request Chain 174

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AC8F4F2DF02C2E61444A1CAF0277E3C8

Request Chain 175

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-NNgcdSh1l2OKoYk33f0ep1uGC6nFqHc-

Request Chain 176

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=27360508ca403e23b4bb82180d76a669da95a0dee75b154be17f87c82d61b75f

Request Chain 177

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=EAFE1233-8247-4B4C-AA63-9A379E6FBBA7

Request Chain 178

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1630090234400%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=PndNmy99999jG08C

Request Chain 179

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c2adc6fb-8485-43ca-a411-046d36543b88-tuct827b271

Request Chain 189

https://segment-pixel.invitemedia.com/pixel?pixelID=67458&partnerID=198&key=segment HTTP 302
https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

Request Chain 190

https://s.tribalfusion.com/i.cid?c=663573&d=30&page=landingPage HTTP 302
https://s.tribalfusion.com/z/i.cid?c=663573&d=30&page=landingPage HTTP 302
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://a.tribalfusion.com/i.match?p=b26&u=8933008340622098064&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b26&u=8933008340622098064&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=18072662191331382621

Request Chain 192

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26220;ts=907054465 HTTP 302
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1630416112

Request Chain 195

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-sands-chev&cdk_id=1630416110620755900 HTTP 302
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3035%26dtm_cmagic%3D03bfc1%26dtm_fid%3D101%26dtm_format%3D6%26cli_promo_id%3D2%26brand%3Dchevy%26optin%3Dtrue%26dealer_id%3Dgmps-sands-chev%26cdk_id%3D1630416110620755900%26dtm_user_ip%3D89.249.64.203%26dtm_user_agent%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F92.0.4515.159%2BSafari%252F537.36%26dtm_referrer%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%26gdpr_consent%3D HTTP 302
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-sands-chev&cdk_id=1630416110620755900&dtm_user_ip=89.249.64.203&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.sandssurprise.com%2F&gdpr_consent= HTTP 302
https://login.dotomi.com/pixel.gif

Request Chain 198

https://dpm.demdex.net/ibs:dpid=313172&dpuuid=1630416110620755900&redir=https%3A%2F%2Fdt.cobaltgroup.com%2Fcookiejar%2F1.0%2Fcorrelate%3Fformat%3Dgif%26logonly%3D1%26uidindex%3Daam%26uid%3D$%7BDD_UUID%7D HTTP 302
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=63155242177322213284326113704636582218

Request Chain 200

https://us-u.openx.net/w/1.0/sd?id=540213371&val=1630416110620755900 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=540213371&val=1630416110620755900

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=cobalt_group_adp&google_hm=MTYzMDQxNjExMDYyMDc1NTkwMA HTTP 302
https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=

Request Chain 203

https://cm.everesttech.net/cm/dd?d_uuid=63155242177322213284326113704636582218 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YS4s7wAAAJPO_wQp

Request Chain 204

https://9317774.fls.doubleclick.net/activityi;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u1=www.sandssurprise.com;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F HTTP 302
https://9317774.fls.doubleclick.net/activityi;dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u1=www.sandssurprise.com;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F

Request Chain 205

https://9399534.fls.doubleclick.net/activityi;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u10=256053;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F HTTP 302
https://9399534.fls.doubleclick.net/activityi;dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u10=256053;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F

Request Chain 209

https://secure.adnxs.com/px?id=1292049&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1292049%26t%3D1

Request Chain 218

https://ad.doubleclick.net/ddm/activity/src=10687887;type=lmagm0;cat=rt-al0;u1=Chevrolet;u2=256053;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=977003288?gtmcb=1216858823 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10687887;dc_pre=CMuRkqmt2_ICFXdEwgodQicBUg;type=lmagm0;cat=rt-al0;u1=Chevrolet;u2=256053;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=977003288?gtmcb=1216858823 HTTP 302
https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CMuRkqmt2_ICFXdEwgodQicBUg;type=lmagm0;cat=rt-al0;u1=Chevrolet;u2=256053;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=977003288?gtmcb=1216858823

Request Chain 238

https://plugin.tradepending.com/v5/snap-qgFnJ8MGhG9bQYsjK.js HTTP 302
https://snap-plugins.s3.amazonaws.com/cached-plugins/production/snap-qgFnJ8MGhG9bQYsjK.js

Request Chain 239

https://go.activengage.com/1.js HTTP 302
https://pageview.activengage.com/js/pageview.min.js

Request Chain 253

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609383104/?random=894946932&cv=9&fst=1630416111717&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7ywuYfbCLI_KgAe5taeABg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/609383104/?random=894946932&cv=9&fst=1630416111717&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYfbCLI_KgAe5taeABg&cid=CAQSKQCNIrLM-uFiCE6FeIJ-MDy1Ek-At1SJhIIU-G0frPQB-6SQPGPVk9Yq&random=1385231638&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/609383104/?random=894946932&cv=9&fst=1630416111717&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYfbCLI_KgAe5taeABg&cid=CAQSKQCNIrLM-uFiCE6FeIJ-MDy1Ek-At1SJhIIU-G0frPQB-6SQPGPVk9Yq&random=1385231638&resp=GooglemKTybQhCsO&ipr=y

Request Chain 255

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/455407040/?random=632489492&cv=9&fst=1630416111760&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7ywuYf7zLpOBx_APq5uF6Ag&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/455407040/?random=632489492&cv=9&fst=1630416111760&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYf7zLpOBx_APq5uF6Ag&random=3121385820&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/455407040/?random=632489492&cv=9&fst=1630416111760&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYf7zLpOBx_APq5uF6Ag&random=3121385820&resp=GooglemKTybQhCsO&ipr=y

Request Chain 259

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/459928202/?random=266967086&cv=9&fst=1630416111717&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7ywuYamuL9WggAfLk6v4CA&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/459928202/?random=266967086&cv=9&fst=1630416111717&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYamuL9WggAfLk6v4CA&random=2913944969&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/459928202/?random=266967086&cv=9&fst=1630416111717&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYamuL9WggAfLk6v4CA&random=2913944969&resp=GooglemKTybQhCsO&ipr=y

Request Chain 260

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/589079120/?random=324604234&cv=9&fst=1630416111760&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7ywuYaWrMs2CgAe8mJOQCA&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/589079120/?random=324604234&cv=9&fst=1630416111760&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYaWrMs2CgAe8mJOQCA&cid=CAQSKQCNIrLMF4OtJYbTXWFyMuEud9BNhEsb3GzsRq_1fKvCEx_AAi1QHZX9&random=225258433&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/589079120/?random=324604234&cv=9&fst=1630416111760&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYaWrMs2CgAe8mJOQCA&cid=CAQSKQCNIrLMF4OtJYbTXWFyMuEud9BNhEsb3GzsRq_1fKvCEx_AAi1QHZX9&random=225258433&resp=GooglemKTybQhCsO&ipr=y

Request Chain 268

https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001 HTTP 302
https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001&dcc=t

Request Chain 272

https://segment-pixel.invitemedia.com/pixel?pixelID=67458&partnerID=198&key=segment HTTP 302
https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

Request Chain 276

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-sands-chev&cdk_id=1630416110620755900 HTTP 302
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3035%26dtm_cmagic%3D03bfc1%26dtm_fid%3D101%26dtm_format%3D6%26cli_promo_id%3D2%26brand%3Dchevy%26optin%3Dtrue%26dealer_id%3Dgmps-sands-chev%26cdk_id%3D1630416110620755900%26dtm_user_ip%3D89.249.64.203%26dtm_user_agent%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F92.0.4515.159%2BSafari%252F537.36%26dtm_referrer%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%26gdpr_consent%3D HTTP 302
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-sands-chev&cdk_id=1630416110620755900&dtm_user_ip=89.249.64.203&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.sandssurprise.com%2F&gdpr_consent= HTTP 302
https://login.dotomi.com/pixel.gif

Request Chain 279

https://dpm.demdex.net/ibs:dpid=313172&dpuuid=1630416110620755900&redir=https%3A%2F%2Fdt.cobaltgroup.com%2Fcookiejar%2F1.0%2Fcorrelate%3Fformat%3Dgif%26logonly%3D1%26uidindex%3Daam%26uid%3D$%7BDD_UUID%7D HTTP 302
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=63155242177322213284326113704636582218

Request Chain 281

https://cm.g.doubleclick.net/pixel?google_nid=cobalt_group_adp&google_hm=MTYzMDQxNjExMDYyMDc1NTkwMA HTTP 302
https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=

Request Chain 283

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26220;ts=685441871 HTTP 302
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1630416112

Request Chain 297

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=63155242177322213284326113704636582218&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d63155242177322213284326113704636582218 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=609a612e-2cf2-4400-9917-327ceeb69ab5&ddsuuid=63155242177322213284326113704636582218

Request Chain 298

https://idsync.rlcdn.com/365868.gif?partner_uid=63155242177322213284326113704636582218 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNjMxNTUyNDIxNzczMjIyMTMyODQzMjYxMTM3MDQ2MzY1ODIyMTgQABoNCPLZuIkGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=653c60294d02e8a06ca37c3e4e528806ca37b4b1502e265ca0a3e6c50d9633ccb0da87c991749652

Request Chain 299

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjMxNTUyNDIxNzczMjIyMTMyODQzMjYxMTM3MDQ2MzY1ODIyMTg= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENgqpgjenYnv2rJSS28KKpc&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 300

https://navdmp.com/req?adID=63155242177322213284326113704636582218 HTTP 301
https://cdn.navdmp.com/req?adID=63155242177322213284326113704636582218

Request Chain 302

https://dt.scanscout.com/ssframework/uid?UIAA=63155242177322213284326113704636582218&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-28cef0f953d62ea972d95275edede15d HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30432&dpuuid=CI-28cef0f953d62ea972d95275edede15d

Request Chain 304

https://sync.ipredictive.com/d/sync/cookie/generic?https://dpm.demdex.net/ibs:dpid=2340&dpuuid=${ADELPHIC_CUID} HTTP 302
https://dpm.demdex.net/ibs:dpid=2340&dpuuid=68c5cdf3-0a5e-11ec-8e5a-b92da1ccdcdb

Request Chain 306

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=63155242177322213284326113704636582218?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=63155242177322213284326113704636582218?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a8decba2d32c2425386525bef4b9ce13

Request Chain 307

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=YS4s8wAEUxXKcQA4

Request Chain 308

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=YS4s8wAEFpniegAC HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YS4s8wAEFpniegAC&expires=90&_test=YS4s8wAEFpniegAC

Request Chain 309

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YS4s8wAEFWnGJgBg HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS4s8wAEFWnGJgBg&_test=YS4s8wAEFWnGJgBg HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS4s8wAEFWnGJgBg&_test=YS4s8wAEFWnGJgBg&C=1

Request Chain 310

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=YS4s8wAEUzzLKwA4 HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YS4s8wAEUzzLKwA4&_test=YS4s8wAEUzzLKwA4

Request Chain 311

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YS4s8wAEUzzLKwA4 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YS4s8wAEUzzLKwA4

Request Chain 312

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS4s8wAEUzzLKwA4

Request Chain 313

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YS4s8wAEUzzLKwA4&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YS4s8wAEUzzLKwA4&img=1&__user_check__=1&sync_id=69cdb075-0a5e-11ec-a891-1a3233820206

Request Chain 314

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YS4s8wAEUzzLKwA4&t=2592000&o=0

Request Chain 315

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=63155242177322213284326113704636582218&_ct=img HTTP 302
https://mid.rkdms.com/restricted

Request Chain 320

https://ad.doubleclick.net/ddm/activity/src=10420473;type=s_visits;cat=svisit;u1=CDK;u2=256053;u3=undefined;u4=www.sandssurprise.com;u5=https://www.sandssurprise.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1594306046 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10420473;dc_pre=CO_Ogq2t2_ICFcvHGQod9HMKuA;type=s_visits;cat=svisit;u1=CDK;u2=256053;u3=undefined;u4=www.sandssurprise.com;u5=https://www.sandssurprise.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1594306046 HTTP 302
https://adservice.google.com/ddm/fls/p/src=10420473;dc_pre=CO_Ogq2t2_ICFcvHGQod9HMKuA;type=s_visits;cat=svisit;u1=CDK;u2=256053;u3=undefined;u4=www.sandssurprise.com;u5=https://www.sandssurprise.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1594306046;~oref=https://www.sandssurprise.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=10420473;dc_pre=CO_Ogq2t2_ICFcvHGQod9HMKuA;type=s_visits;cat=svisit;u1=CDK;u2=256053;u3=undefined;u4=www.sandssurprise.com;u5=https://www.sandssurprise.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1594306046;~oref=https://www.sandssurprise.com/

329 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sandssurprise.com/
Redirect Chain

http://www.sandssurprise.com/
https://www.sandssurprise.com/

395 KB
60 KB

649ms
615ms

Document
text/html

13.226.155.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandssurprise.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.155.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-38.dus51.r.cloudfront.net

Software

CDK-Websites /

Resource Hash

12b660e506cc268af796b97ef1a190eca0bff45c8d5403dc2279752aedd9f737

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:method: GET
:authority: www.sandssurprise.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: JSESSIONID=F0C51826C1BD9385CC097807523A7959
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type: text/html;charset=UTF-8
content-length: 61284
date: Tue, 31 Aug 2021 13:21:47 GMT
server: CDK-Websites
x-server-response-time: 739
strict-transport-security: max-age=7776000
nitra-side: a
logging-correlationid: 8jIDZuoB9GsPiTsEIDcf2eGvuUAOHWnP8DYa62S0tBR0RzcUPAhnXw==
cache-control: public,max-age=60
x-origin-id: cdk-pdx
x-server-start-time: 1630415899690
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: sameorigin
x-sf-cache: Hit from sitefront
x-cache: Miss from cloudfront
via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Ta_UzLz3IdxUeVuKk-tN_yM5jZ3HT_oOYCLurk2rzzAnqU0kQ7cpmQ==

Redirect headers

Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Date: Tue, 31 Aug 2021 13:21:46 GMT
X-Server-Response-Time: 8
nitra-side: a
Vary: *
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Set-Cookie: JSESSIONID=F0C51826C1BD9385CC097807523A7959; Path=/; HttpOnly
Location: https://www.sandssurprise.com/
X-Server-Start-Time: 1630416106983
Logging-CorrelationId: aVgxbGt08Mhfl7MOPSDdG-BgvcRIaBNVgUiTnz35WV6IjP20P-K_hQ==
Pragma: no-cache
X-Origin-Id: cdk-pdx
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: CDK-Websites
X-Cache: Miss from cloudfront
Via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: aVgxbGt08Mhfl7MOPSDdG-BgvcRIaBNVgUiTnz35WV6IjP20P-K_hQ==

GET
H2 200 Preload.js Show response
media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23068/vendor/hydra-base/base/sitefront/ 9 KB
3 KB 71ms
19ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23068/vendor/hydra-base/base/sitefront/Preload.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 7c6cd29774590acdd0a633f80a889767f001e72bfac8d5287bf0b0722740a01f

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 30 Aug 2021 14:08:15 GMT
content-encoding: gzip
x-original-content-length: 9726
age: 83612
x-cache: Hit from cloudfront
x-server-start-time: 1630332495864
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: x3cCL10eklEV3IwQwO5DWg7WDnmgXfphlsA-hktRp6FT7E5j8B-rwQ==
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 12:29:41 GMT
server: nginx
x-server-response-time: 17
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: qQcKifFvqRUrz3rG6LWKUMbF4V2-bJvD7j8cJiJd-THNPKk06SVb4Q==
expires: Tue, 30 Aug 2022 14:08:15 GMT

GET
H2 200 bundle.css
media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/ 2 MB
172 KB 88ms
37ms Stylesheet
text/css 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/bundle.css
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: ffb83dc01740458a3d9908ce1f67e849ec1db1bf0e36e028ae40de7f400ba59d

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 30 Aug 2021 21:18:22 GMT
content-encoding: gzip
x-original-content-length: 1876561
age: 57805
x-cache: Hit from cloudfront
x-server-start-time: 1630358302074
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: TsqI3JXkkINoJiJaKaL4R0H51zbrOjUTP4HfCvv1FGeLn45bAEAZXw==
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 14:11:17 GMT
server: nginx
x-server-response-time: 69
vary: Accept-Encoding
content-type: text/css
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: pokiaFw-ibPUOg59SxRKdLSkLiE8lawNumHq4V1QLBu0_tLYFgVYFg==
expires: Tue, 30 Aug 2022 21:18:22 GMT

GET
H2 200 bundle.js Show response
media.assets.sincrod.com/websites/generated/bundles/5.0-7693/zjs/ghdfqyope2koaoh5+5w==/ 80 KB
17 KB 74ms
22ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/zjs/ghdfqyope2koaoh5+5w==/bundle.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 49cb91c4f1144347a19ee071b30fa8ca705d8ff05187984935c678bac2a9c546

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Thu, 26 Aug 2021 08:39:11 GMT
content-encoding: gzip
x-original-content-length: 81875
age: 448956
x-cache: Hit from cloudfront
x-server-start-time: 1629967150929
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: C9eMMzQOzO2hYVnX5KEVyIQ8oQsY7W8hb_CF-U6lBpGn7xRaRzrmGQ==
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 04:47:17 GMT
server: nginx
x-server-response-time: 86
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: V-kpFaj2v_0jt7zsDwacj349SPkpO0iZXHLtoxiAK5G8LmxbcOMIOA==
expires: Fri, 26 Aug 2022 08:39:11 GMT

GET
H2 200 / Show response
www.sandssurprise.com/ 92 KB
16 KB 2361ms
2361ms XHR
text/html 13.226.155.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandssurprise.com/?format=pagediff&siteFrontPass=2&hashTreeUUID=67beebb3-75cf-48fd-9695-b339374fbb47

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23068/vendor/hydra-base/base/sitefront/Preload.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.155.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-38.dus51.r.cloudfront.net

Software

CDK-Websites /

Resource Hash

db7a9a33fa177f8c35882b37fc21f72160509ce720c79637700c2b623cb46837

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

x-page-referer
sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: JSESSIONID=F0C51826C1BD9385CC097807523A7959
:path: /?format=pagediff&siteFrontPass=2&hashTreeUUID=67beebb3-75cf-48fd-9695-b339374fbb47
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sandssurprise.com
referer: https://www.sandssurprise.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
x-page-referer
Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
nitra-side: a
vary: *
x-server-start-time: 1630416109234
logging-correlationid: JlYrYEQ12N4A4z2Y9xv91xGit-bplh_AHPbYjCor8uEeIl_z-espMA==
pragma: no-cache
server: CDK-Websites
x-frame-options: sameorigin
x-server-response-time: 714
strict-transport-security: max-age=7776000
content-type: text/html;charset=UTF-8
via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
set-cookie: visitorId=F0C51826C1BD9385CC097807523A7959; Version=1; Comment="Tracking Visitors"; Max-Age=63072000; Expires=Thu, 31-Aug-2023 13:21:49 GMT; Secure sId=F0C51826C1BD9385CC097807523A7959; Version=1; Comment="Tracking Sessions"; Max-Age=1800; Expires=Tue, 31-Aug-2021 13:51:49 GMT; Secure savedVehicleIds=%20; expires=Mon, 30 Aug 2021 13:21:49 GMT; path=/ x-hydra-version=UNSPECIFIED
content-length: 15766
x-amz-cf-id: JlYrYEQ12N4A4z2Y9xv91xGit-bplh_AHPbYjCor8uEeIl_z-espMA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Louis-Regular.woff
media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/ 28 KB
28 KB 61ms
33ms Font
application/font-woff 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/Louis-Regular.woff
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 3efd2c8730892141933f08508d4fa13bae24f7b5788f7480c6dc6cd0d7617320

Request headers

Origin: https://www.sandssurprise.com
Referer: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sun, 01 Aug 2021 14:40:33 GMT
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-original-content-length: 28544
age: 2587274
x-cache: Hit from cloudfront
x-server-start-time: 1627828833027
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: gyCXS8xGJQ5kwYgjWU1d20aG0kgJi9JfmCH6CjfJagj1gKqo4k8eig==
last-modified: Thu, 01 Apr 2021 22:07:29 GMT
server: nginx
x-server-response-time: 14
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 28544
x-amz-cf-id: en4U8iCYeVABfhnFdG6LwKbcZLvZkGLqx7j7t4xILphNqKy0vAj_aw==
expires: Mon, 01 Aug 2022 14:40:33 GMT

GET
H2 200 Chevrolet.png
media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23068/vendor/hydra-base/client/assets/logos/ 11 KB
12 KB 20ms
20ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23068/vendor/hydra-base/client/assets/logos/Chevrolet.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a5f58f6b3d0c3ffdc15315e5eb1309fe70cf97091e7dd619c2e67a477a32eb0a

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 30 Aug 2021 14:08:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 11301
age: 83608
x-cache: Hit from cloudfront
x-server-start-time: 1630332499753
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: Yaq-4OeCAVqoHOEzORyJTb9YXCp8nOzZ-EVMoO-o_JA3bOC2tcW9Bg==
last-modified: Mon, 30 Aug 2021 12:29:42 GMT
server: nginx
x-server-response-time: 16
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 11301
x-amz-cf-id: snrERRSnyglqfBCRm5cwKqXi95WQ5nvObVoIgU7m-HxnQdKevsrQYw==
expires: Tue, 30 Aug 2022 14:08:19 GMT

GET
H2 200 93cd1810ca741005860f0050568b6442.png
media.assets.sincrod.com/teams/repository/export/v/1/93c/d1810ca741005860f0050568b6442/ 19 KB
19 KB 27ms
27ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/teams/repository/export/v/1/93c/d1810ca741005860f0050568b6442/93cd1810ca741005860f0050568b6442.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 60294b5611f2b1ecf1dbddd7b2ba9e508d91ac967d854be350e3637ce1b70753

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sat, 31 Jul 2021 13:43:55 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 18988
age: 2677072
x-cache: Hit from cloudfront
x-server-start-time: 1627739035062
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: nm2sVLkSbfnnrQj1f5XqyHKKNadOYme5cZo7yPFVI6QYVyEBZvommA==
last-modified: Mon, 03 Sep 2018 13:37:56 GMT
server: nginx
x-server-response-time: 27
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 18988
x-amz-cf-id: YhdN1b2dL6W6bgLAxVV7RX4ad6cDqdV1RKgPQA-JXLwohP5fPbjdVg==
expires: Sun, 31 Jul 2022 13:43:55 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Louis-Bold.woff
media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/ 28 KB
28 KB 37ms
37ms Font
application/font-woff 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/Louis-Bold.woff
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 6d21c60a7e3375728eb2a426cfe86bb65a41a212271629ae4f012ea123a1399c

Request headers

Origin: https://www.sandssurprise.com
Referer: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sun, 01 Aug 2021 14:40:33 GMT
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-original-content-length: 28260
age: 2587274
x-cache: Hit from cloudfront
x-server-start-time: 1627828833051
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: A3WxPOephGKYNopuJZ0oe4LobAyxfSnKKiF-kXg_jWW-dfEg4lJ7BA==
last-modified: Thu, 01 Apr 2021 22:07:29 GMT
server: nginx
x-server-response-time: 16
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 28260
x-amz-cf-id: 1jtqnicZFDzDzzaZf6HkfvHjkYdn1sPUvpS5EDphbyIIpJHZnOx1rg==
expires: Mon, 01 Aug 2022 14:40:33 GMT

GET
H2 200 ionicons-subset.woff
media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13333/package/designs/dcw-design-base/fonts/ion-icons/ 10 KB
10 KB 190ms
190ms Font
application/font-woff 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13333/package/designs/dcw-design-base/fonts/ion-icons/ionicons-subset.woff
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a57834c9a7978711d3d27a53b13e2a46548deee1685fb2e4a5561f256a2fcd91

Request headers

Origin: https://www.sandssurprise.com
Referer: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:21:47 GMT
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-original-content-length: 9996
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
x-server-start-time: 1630416107738
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: qZF7-CvG2JVEiRMOJMTiUIPchTl2OjRE8EFpCJcU1JK2wLHq5aptKA==
last-modified: Fri, 27 Aug 2021 21:11:37 GMT
server: nginx
x-server-response-time: 22
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
content-length: 9996
x-amz-cf-id: qZF7-CvG2JVEiRMOJMTiUIPchTl2OjRE8EFpCJcU1JK2wLHq5aptKA==
expires: Wed, 31 Aug 2022 13:21:47 GMT

GET
H2 200 fontawesome-webfont-subset.woff2
media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13333/package/designs/dcw-design-base/fonts/fontawesome/ 3 KB
3 KB 27ms
27ms Font
application/font-woff2 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13333/package/designs/dcw-design-base/fonts/fontawesome/fontawesome-webfont-subset.woff2
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: bd70c4ce4d2a8b7991b756fbe0357feb7c6d197e5fd158e9247c605ce3c09ab7

Request headers

Origin: https://www.sandssurprise.com
Referer: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 30 Aug 2021 21:18:23 GMT
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-original-content-length: 2960
age: 57804
x-cache: Hit from cloudfront
x-server-start-time: 1630358303024
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: PLmpGZSaArjU4VnTcvqhWyTX4SySnXSxF2aTYQfQ2Guo05WhRDBS4w==
last-modified: Fri, 27 Aug 2021 21:11:36 GMT
server: nginx
x-server-response-time: 17
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 2960
x-amz-cf-id: pAekxMifBeKmbbVuDejIFoRHjQszPMVvRXWKTlf3Bk_0JLf8AKdR2g==
expires: Tue, 30 Aug 2022 21:18:23 GMT

GET
H2 200 icomoon.woff
media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13333/package/designs/dcw-design-base/fonts/icomoon/ 9 KB
9 KB 26ms
25ms Font
application/font-woff 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13333/package/designs/dcw-design-base/fonts/icomoon/icomoon.woff
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 45337a208a34e3a2a68bd8813c2e79631938d5b68292ca8d29688ee7240fe13d

Request headers

Origin: https://www.sandssurprise.com
Referer: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/9fc/30w8p85g7crz4wmriua==/bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 30 Aug 2021 21:18:22 GMT
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-original-content-length: 8960
age: 57805
x-cache: Hit from cloudfront
x-server-start-time: 1630358302564
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: w_4HGmOkupg-gfMGzGS4xvX5NNt6wqBaZKnduRRyNxhd1TacM83pfQ==
last-modified: Fri, 27 Aug 2021 21:11:37 GMT
server: nginx
x-server-response-time: 17
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 8960
x-amz-cf-id: Ad0AGKMYi2SVYgvLVL1XUU5wTUQKyXkwhEXp2m26dBS2g9vqYzDygQ==
expires: Tue, 30 Aug 2022 21:18:22 GMT

GET
H2 200 bundle.js Show response
media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/ 571 KB
166 KB 20ms
20ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b7342a3d85e053fea673fb2f2976b79dda7baad055c790cbe9b5f9ca4725ffe5

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 30 Aug 2021 15:41:41 GMT
content-encoding: gzip
x-original-content-length: 584786
age: 78006
x-cache: Hit from cloudfront
x-server-start-time: 1630338101104
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: hAjGzSZmBGmdmsPo2nIkn3KroDn3g5xsxHJxypMPNpBBIJcE9i7crQ==
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 14:10:06 GMT
server: nginx
x-server-response-time: 61
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: WRI1uDp3HbC3c0Xy_IE1Gdehr1Lh9umI6Z5baTGoj3bs1CYMgFhDxQ==
expires: Tue, 30 Aug 2022 15:41:41 GMT

GET
H2 200 pixeltag.js Show response
wsassets.cobalt.com/websites/dynamic/bundles/5.0-7693/dkn/fak0ssjfqrsygvzj61g==/ 26 KB
8 KB 361ms
28ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsassets.cobalt.com/websites/dynamic/bundles/5.0-7693/dkn/fak0ssjfqrsygvzj61g==/pixeltag.js?webId=gmps-sands-chev&locale=en_US&originalDomain=http%3A%2F%2Fwww.sandssurprise.com%2F
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: CDK-Websites /
Resource Hash: f29abc737917103e1a1cb43565608f684c2a4e4476b343b79cfeaece72809502

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Thu, 26 Aug 2021 21:43:36 GMT
content-encoding: gzip
age: 401892
x-cache: Hit from cloudfront
nitra-side: b
x-server-start-time: 1630014216655
logging-correlationid: _wjfH4Ta7y9IHCjcuC8m5xAMOhW-rXRm8dnF8jfrnpQ9phqXpcVAuA==
server: CDK-Websites
etag: dknfak0ssjfqrsygvzj61g==
x-server-response-time: 9
content-type: application/javascript;charset=ISO-8859-1
via: 1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 7122
x-amz-cf-id: emDjxYS_bTnfNoAY30qIZdSwQAx9JisE-OG0_Jjt2iS2zGMqzpfzZQ==
expires: Fri, 26 Aug 2022 21:43:36 GMT

GET
H2 200 annyang.min.js Show response
cdnjs.cloudflare.com/ajax/libs/annyang/2.6.0/ 4 KB
2 KB 40ms
26ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/annyang/2.6.0/annyang.min.js

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

272b9ff60113bccbe6ae7a3bbfb5656ef98a1c0364639ed13e598c1cdaacb37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 410320
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1753
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-1167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9V9%2B9czBgLsN9sxOaKvDZYj1ryZdHMu9O1tzbx%2F2bvrTs2pJr5bfEc6zMagwG40bamux5EqQfQ8ZR4WiyLJ4Q2ovM0AUtgMVi7FQFUvOlf8rJye%2BvmUq8qNwPkLXE9sXbjvoRQ1MYzFMToEbj5g4%2F6u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 687690636da816ee-FRA
expires: Sun, 21 Aug 2022 13:21:48 GMT

GET
H2 200 6842717dd1954532b9188ffd7de3ec68_10x60.png
media.assets.sincrod.com/websites/content/gmps-sands-chev// 93 B
675 B 242ms
238ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-sands-chev//6842717dd1954532b9188ffd7de3ec68_10x60.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e319b9b16255038ec558a7569a8ba8ea7daa885ed73fd0d6eba7e183f9258167

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:21:48 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 1852
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
x-server-start-time: 1630416108169
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: _y2QpQttrzlEm3UmbrfVlcGxNes-h2TWzTjQcVu14hVAeQsVNirbNg==
last-modified: Fri, 09 Apr 2021 22:27:41 GMT
server: nginx
x-server-response-time: 52
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
content-length: 93
x-amz-cf-id: _y2QpQttrzlEm3UmbrfVlcGxNes-h2TWzTjQcVu14hVAeQsVNirbNg==
expires: Wed, 31 Aug 2022 13:21:48 GMT

GET
H2 200 c16d6aa3ef12417db45aa32ec0ddf37a_2400x419.png
media.assets.sincrod.com/websites/content/gmps-sands-chev// 655 KB
657 KB 34ms
31ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-sands-chev//c16d6aa3ef12417db45aa32ec0ddf37a_2400x419.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: cccc6e1e022fa197be37d1c4bd77b74f628d6b65999ae433081c44a6dc196c8e

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 18 Aug 2021 23:11:57 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 532097
age: 1087790
x-cache: Hit from cloudfront
x-server-start-time: 1629328317584
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: mYdPr5Fe_vm1_cyaOEz7phy_DOEuen_zjlmb0zEmII--z4BHAqqiOQ==
last-modified: Fri, 09 Apr 2021 22:28:57 GMT
server: nginx
x-server-response-time: 354
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 670621
x-amz-cf-id: pERcUZ3NQqnIAOhjXrrnwNUffBqWEzfLXS1bMDX5jonPhhjAb2ibCw==
expires: Thu, 18 Aug 2022 23:11:57 GMT

GET
H2 200 23a63b58d11948438cc61004220c15b8_2100x890.png
media.assets.sincrod.com/websites/content/gmps-sands-chev// 355 KB
356 KB 40ms
36ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-sands-chev//23a63b58d11948438cc61004220c15b8_2100x890.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 93715f4d3435f7b1b30fee7eeaca9f487359f6c9ae970fe790fdb02db2372c0d

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 18 Aug 2021 23:11:57 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 331738
age: 1087790
x-cache: Hit from cloudfront
x-server-start-time: 1629328317588
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: uzVtpjEWjc87YHe3A6MEWGtxvgShBSutKMzefYZiHwpb7v9FLYlnuQ==
last-modified: Fri, 09 Apr 2021 23:31:00 GMT
server: nginx
x-server-response-time: 409
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 363353
x-amz-cf-id: AXwGrELQZE_uefarNRNViuOfz_5lGtlZdp683JW1c1iU7CCFpRUZnA==
expires: Thu, 18 Aug 2022 23:11:57 GMT

GET
H2 200 14ed4da9df504dbb91b2ad71923aa36f_170x170.png
media.assets.sincrod.com/websites/content/gmps-sands-chev// 5 KB
6 KB 34ms
31ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-sands-chev//14ed4da9df504dbb91b2ad71923aa36f_170x170.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: f1281f57d96af87f795e9bc085aa12b3d7fcf35f045ef72f90014c98496d629b

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sat, 28 Aug 2021 21:12:30 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 8580
age: 230958
x-cache: Hit from cloudfront
x-server-start-time: 1630185150763
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: qTUkATifAejJRtgoKTQveplPkMSYhnI2iBciaz5VYWjsLBw7m1uhAg==
last-modified: Fri, 09 Apr 2021 23:38:17 GMT
server: nginx
x-server-response-time: 73
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 5595
x-amz-cf-id: 6peuVCrbPuVVY7GsSpBgZ4AP0AnWrVNDqkm5NySBTDd-luuKWqQgqQ==
expires: Sun, 28 Aug 2022 21:12:30 GMT

GET
H2 200 48c243094fda4f968bd9d22fafbba906_170x170.png
media.assets.sincrod.com/websites/content/gmps-sands-chev/about_message/ 11 KB
12 KB 53ms
49ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-sands-chev/about_message/48c243094fda4f968bd9d22fafbba906_170x170.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 6093cd86a9cc3e8039eff9db3b4f2f69c7d068072b954f61f8e59ec65bf4b790

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 18 Aug 2021 23:11:58 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 14182
age: 1087790
x-cache: Hit from cloudfront
x-server-start-time: 1629328318068
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: Sf2TWW8gjEnC4n3VHFYKoTHGNzPgSZBOVdydDGtvrNx8RxbRkyTueA==
last-modified: Fri, 09 Apr 2021 23:39:32 GMT
server: nginx
x-server-response-time: 40
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 11197
x-amz-cf-id: CvyenTOkutwplVU25K56z7K0qNzjjCg957v0q8-33kKcQoDS-x94WA==
expires: Thu, 18 Aug 2022 23:11:58 GMT

GET
H2 200 776eb9ef52064747834d8adae767a133_170x170.png
media.assets.sincrod.com/websites/content/gmps-sands-chev/about_message/ 6 KB
6 KB 41ms
38ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-sands-chev/about_message/776eb9ef52064747834d8adae767a133_170x170.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: f245d6d61009a3b1a6ec4612c40b68c55f5db5f491bcdd749b0c5a8a6a42cc80

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 18 Aug 2021 23:11:58 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 9011
age: 1087790
x-cache: Hit from cloudfront
x-server-start-time: 1629328318062
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: yNjiSCxV5NB8xMCRLaQOEbPCkcrSh9fgN6Y_wwRFvEqGQYqXAulldA==
last-modified: Fri, 09 Apr 2021 23:40:23 GMT
server: nginx
x-server-response-time: 76
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 6026
x-amz-cf-id: edHyvrMSsDSm208VRq3Ip33zNc_kOuWQmGfDVVoX8JDmDpBLJw6PkQ==
expires: Thu, 18 Aug 2022 23:11:58 GMT

GET
H2 200 2a84d5c335bc4d91bf32490b2834b214_170x170.png
media.assets.sincrod.com/websites/content/gmps-sands-chev/about_message/ 6 KB
6 KB 35ms
33ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-sands-chev/about_message/2a84d5c335bc4d91bf32490b2834b214_170x170.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 64699e0cc63a06e8530061f73cf7cf46628e2b5d15a5c7d963715a4b888d70aa

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 18 Aug 2021 23:11:58 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 8877
age: 1087790
x-cache: Hit from cloudfront
x-server-start-time: 1629328318064
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: LnRbLDN3vTlFy5020Cbji_P9GJycTD2vrmRIN0fr_R2v5a1ByjS0Gw==
last-modified: Fri, 09 Apr 2021 23:41:13 GMT
server: nginx
x-server-response-time: 46
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 5892
x-amz-cf-id: ai_itCuNxf240wkL4E8zc1gzG8RMShuRYLSAPVgbNrBqlHqOayD43Q==
expires: Thu, 18 Aug 2022 23:11:58 GMT

GET
H2 200 cd875d7db60548ee80d99efb1ec583e5_2100x530.png
media.assets.sincrod.com/websites/content/gmps-sands-chev// 327 KB
328 KB 519ms
516ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-sands-chev//cd875d7db60548ee80d99efb1ec583e5_2100x530.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 4c80141c848fcc5d3c9a281bdadf72485c082b6128bca14177ebe42cd8a58290

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:21:48 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 282388
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
x-server-start-time: 1630416108164
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: ttjEI8xSMtDCihQmPSLJ2BSFhmMLssW9ntpfkhHiCHQmPkBucqkJBQ==
last-modified: Sat, 10 Apr 2021 00:11:33 GMT
server: nginx
x-server-response-time: 333
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
content-length: 334412
x-amz-cf-id: ttjEI8xSMtDCihQmPSLJ2BSFhmMLssW9ntpfkhHiCHQmPkBucqkJBQ==
expires: Wed, 31 Aug 2022 13:21:48 GMT

GET
H2 200 ee2ecf718e5542e2865fe4f3d981863b_2100x505.png
media.assets.sincrod.com/websites/content/gmps-sands-chev// 390 KB
391 KB 48ms
45ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-sands-chev//ee2ecf718e5542e2865fe4f3d981863b_2100x505.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: ca3a564b2e340347beac82d19c453636da156d26e84f5034ff07262510fe556c

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 18 Aug 2021 23:11:59 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 330659
age: 1087789
x-cache: Hit from cloudfront
x-server-start-time: 1629328318656
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: wCTzLi8FVAwcrevj2aj-xGKSxrsmnMDestAr1dfkTSJfOz-wQ-YaDw==
last-modified: Fri, 09 Apr 2021 23:24:14 GMT
server: nginx
x-server-response-time: 370
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 399011
x-amz-cf-id: 5h6knyyW7ENvoL6prhBCaClnSIViET7H6XmBXtfN6Cnb5KhoxQBRdA==
expires: Thu, 18 Aug 2022 23:11:59 GMT

GET
H2 200 b7a0d009bca842fb8ecb9dd995f36955_c0x0-1600x686.jpg
media.assets.sincrod.com/websites/content/gmps-sands-chev/generic/ 87 KB
88 KB 55ms
52ms Image
image/jpeg 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-sands-chev/generic/b7a0d009bca842fb8ecb9dd995f36955_c0x0-1600x686.jpg
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: f80bd360630795d3fb42791688fafa9b55a40165c2c50e9a0fd8b0c29c0b29d1

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sat, 28 Aug 2021 21:12:34 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 111800
age: 230954
x-cache: Hit from cloudfront
x-server-start-time: 1630185154084
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: QkgN00HkkwBhFqJLGMYg2Data2ZyLgu2m72XujWIzgYkJPzRBqPftg==
last-modified: Thu, 23 Jan 2020 15:23:36 GMT
server: nginx
x-server-response-time: 125
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 89575
x-amz-cf-id: g_po9nhwwoks7IGpr6Atq_SiIPBPDDdSbSEzDyJPQ5Pk9B_CqUsttg==
expires: Sun, 28 Aug 2022 21:12:34 GMT

GET
H2 200 dd1b8e45426d4570ba03337bba8f2da4_c0x0-1600x686.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 163 KB
164 KB 39ms
36ms Image
image/jpeg 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/dd1b8e45426d4570ba03337bba8f2da4_c0x0-1600x686.jpg
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: f4eef949e9588715bfa17f70d4e6e805cdddbb0bf551bd520af98856f982e456

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 02 Aug 2021 20:38:17 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 301345
age: 2479411
x-cache: Hit from cloudfront
x-server-start-time: 1627936697642
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: q3mSAjPcOcGzlOcy3kNumKbWPS1uw7Mm-7qDSt4VsXjmP-EQbZkIdQ==
last-modified: Thu, 28 Feb 2019 23:40:57 GMT
server: nginx
x-server-response-time: 148
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 167127
x-amz-cf-id: EkPsCC9kA3pIfrbr0PBrKQYnSETENuDzVzFeYordzDfdwuXtZECMxA==
expires: Tue, 02 Aug 2022 20:38:17 GMT

GET
H2 200 b04c9937960d4e8e90a51fe746f968bf_c0x0-1600x686.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 311 KB
312 KB 30ms
27ms Image
image/jpeg 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/b04c9937960d4e8e90a51fe746f968bf_c0x0-1600x686.jpg
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9cb5a4eb74c3c68f92e2d3726604c83c43dd65b8a0a63ea218f805257e2b5f02

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 03 Aug 2021 04:11:59 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 548373
age: 2452189
x-cache: Hit from cloudfront
x-server-start-time: 1627963919767
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: ylaJJpOKJLzCtVk0r3o8T10xtPVAj5x_P_J771Pv_LifnVUzKxFUvA==
last-modified: Tue, 03 Aug 2021 04:11:11 GMT
server: nginx
x-server-response-time: 141
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 318259
x-amz-cf-id: bX04Tcavrr7eLZ3gOPrTBadKJGbPaq6jUN5QjpdfBLq2S1sr6tDELg==
expires: Wed, 03 Aug 2022 04:11:59 GMT

GET
H2 200 9aeffba7886a400ebf1a0ac7d216a61d_c0x0-1600x686.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 256 KB
257 KB 30ms
28ms Image
image/jpeg 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/9aeffba7886a400ebf1a0ac7d216a61d_c0x0-1600x686.jpg
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: c9b3ffe2cc96c9b61e78a4acb5788c87c5c452690bdfb86621c02d3c39448d17

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 02 Aug 2021 18:32:17 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 464111
age: 2486971
x-cache: Hit from cloudfront
x-server-start-time: 1627929137329
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: CVKVHlkb5dLTcMSutERl6VxmvWDO-Xm4OgDDmElgY0ceruZbju9Sbg==
last-modified: Mon, 02 Aug 2021 15:44:56 GMT
server: nginx
x-server-response-time: 345
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 262075
x-amz-cf-id: L_WIer9Mu2deZH0_64CViTbDqHk2_u4DNXfGvpdtFLg1Q2NRn5hEfQ==
expires: Tue, 02 Aug 2022 18:32:17 GMT

GET
H2 200 9b9e8ccf6c824a829ee420c2a34e1abe_c0x0-1600x686.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 141 KB
142 KB 33ms
31ms Image
image/jpeg 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/9b9e8ccf6c824a829ee420c2a34e1abe_c0x0-1600x686.jpg
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 596765570327943efb436c45c32fd36e6754f211f1fda787bfc3ecdc7a8d3730

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 02 Aug 2021 18:32:18 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 260194
age: 2486970
x-cache: Hit from cloudfront
x-server-start-time: 1627929137852
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: pdfk37vB40H3grv9bP8VSIUEV_AmQq576m1kVcdaJ_xpaTqACyXhww==
last-modified: Mon, 02 Aug 2021 15:41:30 GMT
server: nginx
x-server-response-time: 170
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 144229
x-amz-cf-id: -oIk7i1uzBpJnCbL1y6JTRauauIBUoRW0UnIDssu4a_GqsEUMo7_qQ==
expires: Tue, 02 Aug 2022 18:32:18 GMT

GET
H2 200 e5375d1213914fcabf7bea7bf853522a_c694x0-1011x434.png
media.assets.sincrod.com/websites/content/gmps-sands-chev// 597 KB
598 KB 54ms
53ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-sands-chev//e5375d1213914fcabf7bea7bf853522a_c694x0-1011x434.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 8974838b6ac4bad22c5a299bd6edd54c35f2ad45010c9fb4c6a887300ffc6c4f

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 18 Aug 2021 23:11:57 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 603403
age: 1087791
x-cache: Hit from cloudfront
x-server-start-time: 1629328317588
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: GcNhD9syS4mG3fiD8WF24rI8UNNxHlMjz_l2yJI9c0y0RU9AXPWdqw==
last-modified: Fri, 09 Apr 2021 22:30:47 GMT
server: nginx
x-server-response-time: 191
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 611480
x-amz-cf-id: BYhvuwuoqWAQ5gmu4FtEcw5iSQxnC4BXivHOdYUW1u2ipHDXCtPqHg==
expires: Thu, 18 Aug 2022 23:11:57 GMT

GET
H2 200 484b66807998100580ab20145efa6b30.js Show response
media.assets.sincrod.com/teams/repository/export/484/b66807998100580ab20145efa6b30/ 24 KB
6 KB 32ms
32ms Script
text/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/484/b66807998100580ab20145efa6b30/484b66807998100580ab20145efa6b30.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a2a24924de8430c1e2b8d4ea1fd64d5c9da6a99a492c42f4a38b0ac03a2b843c

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:21:01 GMT
content-encoding: gzip
x-original-content-length: 24575
age: 47
x-cache: Hit from cloudfront
x-server-start-time: 1630110752431
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: T85jy1qLMn6RFN6UJfpdrp_R3W-Uem59nN0T9PmpzNBPUq93qB3VAw==
access-control-allow-origin: *
last-modified: Mon, 26 Nov 2018 19:55:56 GMT
server: nginx
x-server-response-time: 19
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=300
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: hQuGVDe_ZX73kNAzO4s6jGF_SIV4cYRHCQdGBa2f_VObsyN0oxQT6w==
expires: Sat, 28 Aug 2021 00:37:32 GMT

GET
H2 200 Co.directive.insight.js Show response
media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23068/vendor/hydra-core/client/directives/ 39 KB
10 KB 19ms
19ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23068/vendor/hydra-core/client/directives/Co.directive.insight.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: f4794cf7673eb8cfa769bea7abad324e13c48b03d3b5e6bb9106f1251a6254a0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 30 Aug 2021 14:08:18 GMT
content-encoding: gzip
x-original-content-length: 39615
age: 83611
x-cache: Hit from cloudfront
x-server-start-time: 1630332498186
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: 7Jk8ttkCRtH0erVFRQn8TxROMUvdOMnHc3m8JsCUj_BSLbriVmu96Q==
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 12:29:39 GMT
server: nginx
x-server-response-time: 28
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: P6gu6sXMGIz_46dnl3JhWRAM-BAg3NwjL7P1rrUsGvaBXq8lQLKgsg==
expires: Tue, 30 Aug 2022 14:08:18 GMT

GET
H2 200 Co.directive.datalayer.js Show response
media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23068/vendor/hydra-core/client/directives/ 45 KB
10 KB 19ms
18ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23068/vendor/hydra-core/client/directives/Co.directive.datalayer.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9253a69aeeb9c415d101c27669f1d1daf6be673d54aa3318c1dba05623bb4e54

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 30 Aug 2021 14:08:18 GMT
content-encoding: gzip
x-original-content-length: 45647
age: 83611
x-cache: Hit from cloudfront
x-server-start-time: 1630332498893
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: szCay7ShDC2THixCWrTt1Nqq9rt37p0NLpGEzysr0rFNQe7jS4r5iQ==
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 12:29:41 GMT
server: nginx
x-server-response-time: 18
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: SE_RDYhTFSksCseEaNt6j_eenQVDC0fJAF3P097VBqVWbKJu6-WRZw==
expires: Tue, 30 Aug 2022 14:08:18 GMT

GET
H2 200 Chevrolet.png
media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23068/vendor/hydra-base/client/assets/logos/ 11 KB
12 KB 21ms
20ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23068/vendor/hydra-base/client/assets/logos/Chevrolet.png
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a5f58f6b3d0c3ffdc15315e5eb1309fe70cf97091e7dd619c2e67a477a32eb0a

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 30 Aug 2021 14:08:19 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 11301
age: 83610
x-cache: Hit from cloudfront
x-server-start-time: 1630332499753
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: Yaq-4OeCAVqoHOEzORyJTb9YXCp8nOzZ-EVMoO-o_JA3bOC2tcW9Bg==
last-modified: Mon, 30 Aug 2021 12:29:42 GMT
server: nginx
x-server-response-time: 16
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 11301
x-amz-cf-id: YIWJwdMDP__Cbp5_wJx3ZBKt_zKy12Hd_FZzR6922TdjBi5dN7oGcQ==
expires: Tue, 30 Aug 2022 14:08:19 GMT

GET
H2 200 93cd1810ca741005860f0050568b6442.png
media.assets.sincrod.com/teams/repository/export/v/1/93c/d1810ca741005860f0050568b6442/ 19 KB
19 KB 22ms
22ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/teams/repository/export/v/1/93c/d1810ca741005860f0050568b6442/93cd1810ca741005860f0050568b6442.png
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 60294b5611f2b1ecf1dbddd7b2ba9e508d91ac967d854be350e3637ce1b70753

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sat, 31 Jul 2021 13:43:55 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 18988
age: 2677074
x-cache: Hit from cloudfront
x-server-start-time: 1627739035062
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: nm2sVLkSbfnnrQj1f5XqyHKKNadOYme5cZo7yPFVI6QYVyEBZvommA==
last-modified: Mon, 03 Sep 2018 13:37:56 GMT
server: nginx
x-server-response-time: 27
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 18988
x-amz-cf-id: COdomOeBVwi6sWC2Ve6NS0NRrZfXLmVNxx3ZUCEpZG3vEVErBihQWQ==
expires: Sun, 31 Jul 2022 13:43:55 GMT

GET
H2 200 ds.js Show response
px.marchex.io/ 6 KB
6 KB 306ms
98ms Script
text/javascript 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.marchex.io/ds.js?_=1630416107852
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5f22c75ea3d26a7ca021bac74aa01a905506f8a9bd98cb3a0ea9b7c713ce4cf9

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "17fb-5c6109ac82177"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: text/javascript
content-length: 6139

GET
H2 200 2e815bb0c16e1005809c0050568bfc31.js Show response
media.assets.sincrod.com/teams/repository/export/2e8/15bb0c16e1005809c0050568bfc31/ 5 KB
2 KB 32ms
32ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/2e8/15bb0c16e1005809c0050568bfc31/2e815bb0c16e1005809c0050568bfc31.js
Requested by: Host: wsassets.cobalt.com
URL: https://wsassets.cobalt.com/websites/dynamic/bundles/5.0-7693/dkn/fak0ssjfqrsygvzj61g==/pixeltag.js?webId=gmps-sands-chev&locale=en_US&originalDomain=http%3A%2F%2Fwww.sandssurprise.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9c7fcb1fa705fa40278333a8b3834c06af49fa8cc2245051c6d6629b5e7a56a0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:18:44 GMT
content-encoding: gzip
x-original-content-length: 4642
age: 186
x-cache: Hit from cloudfront
x-server-start-time: 1630024608069
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: _2D6RPIKjxhNK-i_Hg-mwujOmYJeOzLIQsyttwJIwLvP1WvR4B1tqg==
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 17:44:33 GMT
server: nginx
x-server-response-time: 17
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=300
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: VDtep8M0JV0euXpychycFSwfH_eAJKSvekHRoX7_tUNpj3u2lthV9g==
expires: Fri, 27 Aug 2021 00:41:48 GMT

GET
H2 200 e39f15e0949c100588110050568b5709.js Show response
media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/ 27 KB
7 KB 51ms
50ms Script
text/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/e39f15e0949c100588110050568b5709.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 2401ba04172df8d8d08948f32b9d7eeccd145eafa3888a24412a1f71981c37ba

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:21:09 GMT
content-encoding: gzip
x-original-content-length: 27687
age: 41
x-cache: Hit from cloudfront
x-server-start-time: 1630202963310
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: QrVdsqBng1CD30N-cHbRO4zGKf7A0TR9ca2GGG9bhyJpTeTCeOtnRg==
access-control-allow-origin: *
last-modified: Thu, 30 Aug 2018 08:35:42 GMT
server: nginx
x-server-response-time: 16
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=300
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: NV6rZsKG9hIdjwDQqN16n9BFgIu_pY6JWhjNdhCD9U2DX6d1OB7cWQ==
expires: Sun, 29 Aug 2021 02:14:23 GMT

GET
H2 200 c798ee2acf1c4d7a8e57e12226134ae4.js Show response
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/file/v/3/ed3870af-fb5c-4af3-b23a-3b59ccc7688e/ 6 KB
2 KB 21ms
21ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/file/v/3/ed3870af-fb5c-4af3-b23a-3b59ccc7688e/c798ee2acf1c4d7a8e57e12226134ae4.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 4e96a42492bf53f25ff9d2558ed3bae209f12d98a854504ca4e8b6b0a27eb292

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sat, 31 Jul 2021 08:08:02 GMT
content-encoding: gzip
x-original-content-length: 6492
age: 2697227
x-cache: Hit from cloudfront
x-server-start-time: 1627718882916
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: Ys0pVLgRKG1jxAUCStqNXVbTbWVGa0Ldx4inpWqbVVcIAmZm3hoWIg==
access-control-allow-origin: *
last-modified: Thu, 15 Apr 2021 20:09:13 GMT
server: nginx
x-server-response-time: 15
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: TlSBYI3SMPM6-cTTtqJkN7SwQOMdjeVDs_-vr-yKWorgCNzrwUEoJA==
expires: Sun, 31 Jul 2022 08:08:02 GMT

GET
H/1.1

200
OK

Cookie set iu3 Show response
s.amazon-adsystem.com/ Frame 7089
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dcdd4df1b-a42a-c19e-31b8-ca1670a58a4f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.sandssurprise.com/&ex-hargs=v%3D1.0%3Bc%3D4772...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dcdd4df1b-a42a-c19e-31b8-ca1670a58a4f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.sandssurprise.com/&ex-hargs=v%3D1.0%3Bc%3D4772...

602 B
1 KB

130ms
129ms

Document
text/html

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dcdd4df1b-a42a-c19e-31b8-ca1670a58a4f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.sandssurprise.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3DCDD4DF1B-A42A-C19E-31B8-CA1670A58A4F&cb=423643020593420740&dcc=t

Requested by

Host: wsassets.cobalt.com
URL: https://wsassets.cobalt.com/websites/dynamic/bundles/5.0-7693/dkn/fak0ssjfqrsygvzj61g==/pixeltag.js?webId=gmps-sands-chev&locale=en_US&originalDomain=http%3A%2F%2Fwww.sandssurprise.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

32d9b61f6fb6077c437beb41978e340b70a9ac050612be1c65c78ca3f988a094

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sandssurprise.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A2Hgda15xEn0gRGfZc96SD0|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sandssurprise.com/

Response headers

Server: Server
Date: Tue, 31 Aug 2021 13:21:50 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 602
Connection: keep-alive
x-amz-rid: YANQ1HHJQ5V3S5BT5AKB
Set-Cookie: ad-id=A2Hgda15xEn0gRGfZc96SD0; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 13:21:50 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 13:21:50 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Tue, 31 Aug 2021 13:21:50 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: TVJA7X5Y7N3P4KY40XF2
Set-Cookie: ad-id=A2Hgda15xEn0gRGfZc96SD0|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 13:21:50 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dcdd4df1b-a42a-c19e-31b8-ca1670a58a4f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.sandssurprise.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3DCDD4DF1B-A42A-C19E-31B8-CA1670A58A4F&cb=423643020593420740&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H2 200 ds.js Show response
px.marchex.io/ 6 KB
6 KB 392ms
189ms Script
text/javascript 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.marchex.io/ds.js?_=1630416107853
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5f22c75ea3d26a7ca021bac74aa01a905506f8a9bd98cb3a0ea9b7c713ce4cf9

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "17fb-5c6109ac82177"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: text/javascript
content-length: 6139

GET
H2 200 999cc6f7c943440d806d536e488970b5.js Show response
media.assets.sincrod.com/websites/content/cblt-ms-product/file/90b0284b-b946-4630-8dd7-0c8d904557b3/ 13 KB
5 KB 21ms
20ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-product/file/90b0284b-b946-4630-8dd7-0c8d904557b3/999cc6f7c943440d806d536e488970b5.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 243ee9d9bf3d31bf74d4bab58dc2b5f6a804a3bcbaf8b6391884038daf7f074c

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 12:30:14 GMT
content-encoding: gzip
x-original-content-length: 13304
age: 3095
x-cache: Hit from cloudfront
x-server-start-time: 1630207661169
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: cIuhMtiocQQdaG4uJWZk8JMeqWkSI7dpsPKu3DdVjyOaPkESh2Ni3g==
access-control-allow-origin: *
last-modified: Mon, 05 Apr 2021 15:46:14 GMT
server: nginx
x-server-response-time: 30
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=3600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 8QBQXG_u7QIVn2qCfj8SlHmXUg-EMs6WXnSzMFsyaSNBnTvzDVLK-Q==
expires: Sun, 29 Aug 2021 04:27:41 GMT

GET
H2 200 hotjar-2020696.js Show response
static.hotjar.com/c/ 4 KB
2 KB 105ms
54ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2020696.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

55ae96d91a814acb7394212150bc6bebb03b980ad31e2a1d2e1de67bcce7a76e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/47a301eb2a3b152118a69e15c89d0744
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1878
via: 1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
x-amz-cf-id: AKWeeJTjXvcnBRH_M_27uB9MnQ3Groy-KXYnGKyWkLtNF4PiLXiFLA==

GET
H2 404 699b55a895d010058fed0050568ba825.js
media.assets.sincrod.com/teams/repository/export/v/37/699/b55a895d010058fed0050568ba825/ 0
0 191ms
190ms Script
text/plain 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/v/37/699/b55a895d010058fed0050568ba825/699b55a895d010058fed0050568ba825.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

logging-correlationid: OuFcxyCOTY5ShU-AjLiFx5LXvFQJVtzVlEfXKi624M4oc8Qif1nE-A==
date: Tue, 31 Aug 2021 13:21:50 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
x-server-response-time: 16
x-cache: Error from cloudfront
x-origin-id: cdk-pdx
x-server-start-time: 1630416110265
x-amz-cf-id: OuFcxyCOTY5ShU-AjLiFx5LXvFQJVtzVlEfXKi624M4oc8Qif1nE-A==
x-application-context: mediaStorageService:prod-cfp-pdx

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25996
x-xss-protection: 0
pragma: public
x-fb-debug: ssUjM0WJzQGR1CG1wJ4QHPRXPMm2aVTwq41PECBz3MWfJvyORm0zwfhbq+VLofYKHlUejIpLK1We58rXZx/fyA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 31 Aug 2021 13:21:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 aquant.js Show response
secure.quantserve.com/ 24 KB
9 KB 25ms
8ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/aquant.js?a=p-d-vRjvTMWyhsd
Requested by: Host: wsassets.cobalt.com
URL: https://wsassets.cobalt.com/websites/dynamic/bundles/5.0-7693/dkn/fak0ssjfqrsygvzj61g==/pixeltag.js?webId=gmps-sands-chev&locale=en_US&originalDomain=http%3A%2F%2Fwww.sandssurprise.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 07 Sep 2021 13:21:50 GMT

GET
H2 200 b9f763d6919b42cca388284a3cc66ee2.js Show response
media.assets.sincrod.com/websites/content/cblt-ms-root-en-us/ 1021 B
1 KB 27ms
27ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-root-en-us/b9f763d6919b42cca388284a3cc66ee2.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: bc413f27ac2d1ebcd96c9cb306a62c5930fff67feeb573cfb0a39b211e4cc3b7

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sat, 31 Jul 2021 11:28:47 GMT
content-encoding: gzip
x-original-content-length: 1021
age: 2685183
x-cache: Hit from cloudfront
x-server-start-time: 1627730927727
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: 7Sl9sTbvQr1XkKGC9_P22q1NY88S5Kgog7tIe5xHoQnsdmfpKg7saQ==
access-control-allow-origin: *
last-modified: Wed, 03 Mar 2021 22:36:36 GMT
server: nginx
x-server-response-time: 36
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: y3cJNlPVgwI1yEsiP2shKbR5dj6VZLiLWd1ZhplhVB9jyb9xgmC5BA==
expires: Sun, 31 Jul 2022 11:28:47 GMT

GET
H2 200 d3abc0d81f7142c8bfbbff1950ab8e90.js Show response
media.assets.sincrod.com/websites/content/cblt-ms-root-en-us/ 8 KB
3 KB 23ms
22ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-root-en-us/d3abc0d81f7142c8bfbbff1950ab8e90.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 65acd190391b0765bdb06b4cdc03bcf9cbcc84eb5a51cf8506892ad007c5cd71

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sat, 31 Jul 2021 11:28:50 GMT
content-encoding: gzip
x-original-content-length: 8416
age: 2685180
x-cache: Hit from cloudfront
x-server-start-time: 1627730930510
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: ZLEuSwPtVoYF5Auzfnt1sIhhtbjlOtRJXPyiZ8e49IC2MYhiDYN1_Q==
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 18:28:26 GMT
server: nginx
x-server-response-time: 50
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 1uC9XOD-lR5pV2Jcjqww31ZAPEji5cs5T7LIDB6M5DTkk13aPvIKjw==
expires: Sun, 31 Jul 2022 11:28:50 GMT

GET
H2 200 5d3a51b6a05745bc8629798eca115a6d.js Show response
media.assets.sincrod.com/websites/content/cblt-ms-root-en-us/ 4 KB
2 KB 23ms
23ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-root-en-us/5d3a51b6a05745bc8629798eca115a6d.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 738326fab9c514e02c0abf21120e21ea15f8d9f6497e9e43ceb43b6b15c14b76

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sat, 31 Jul 2021 15:34:51 GMT
content-encoding: gzip
x-original-content-length: 3923
age: 2670419
x-cache: Hit from cloudfront
x-server-start-time: 1627745691417
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: iPYKK5GGSVwO8Nm3Z9ewL4GXfhXIicgDMgDTLMJm2n-T0mKrS_fsnQ==
access-control-allow-origin: *
last-modified: Fri, 26 Feb 2021 19:38:35 GMT
server: nginx
x-server-response-time: 85
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: LLgmMyHeDuorqKpM5F5P0D42fOpRE_kVRfEhD2NosP5uQs5KgW_R5g==
expires: Sun, 31 Jul 2022 15:34:51 GMT

GET
H2

200

app.js Show response
acsbapp.com/apps/app/dist/js/
Redirect Chain

https://acsbapp.com/apps/app/assets/js/acsb.js
https://acsbapp.com/apps/app/dist/js/app.js

417 KB
137 KB

109ms
108ms

Script
application/x-javascript

206.189.187.108
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.187.108 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn103.acsbapp.com
Software: /
Resource Hash: 1791fe6b97889b4f9145120a59510259f87aa0bd825f73a8b5f207286fa9f382

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: br
last-modified: Sun, 29 Aug 2021 08:53:09 GMT
etag: "684a5-612b4af5-c7d5812f2aacbc4f;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 139719
expires: Wed, 01 Sep 2021 13:21:50 GMT

Redirect headers

location: https://acsbapp.com/apps/app/dist/js/app.js
date: Tue, 31 Aug 2021 13:21:50 GMT
content-length: 707
content-type: text/html

GET
H2 200 tag.js Show response
c.betrad.com/pub/ 3 KB
2 KB 62ms
18ms Script
application/x-javascript 104.111.233.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.betrad.com/pub/tag.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.233.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-93.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0385ee74ecfb95851591d855ebe9ce33585c9e2521b333105b1177813700c300

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
last-modified: Thu, 24 Oct 2019 16:47:06 GMT
server: AkamaiNetStorage
etag: "a9fd30e65e1837e0ec743c20de372581:1571935627"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1250

GET
H2 200 index.js Show response
media.assets.sincrod.com/agency/release/iz/framework/js/ 14 KB
4 KB 33ms
33ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/iz/framework/js/index.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 68d318ef519ff4d4d3fe936eecd0425c15b9c98cb10d200bd99d11596f6936f1

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
x-original-content-length: 14000
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
x-server-start-time: 1630359160617
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: OZZ5ta7lWscsF2hHex7PNXfU5q9KPKaAT7I3Mfx4K3wpYrfPbvbtPg==
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 21:30:21 GMT
server: nginx
x-server-response-time: 29
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=1800
x-amz-cf-id: U2xZZF62tofvYhCY07b0IrdXki1j5_PN5DmoxHD3uak4hYMifF75nA==
expires: Mon, 30 Aug 2021 22:02:40 GMT

GET
H2 200 fnr-positive-181x17.png
media.assets.sincrod.com/agency/next-gen-designs/chevrolet/ 2 KB
3 KB 25ms
25ms Image
image/png 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/agency/next-gen-designs/chevrolet/fnr-positive-181x17.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 7044952a4acccc696f4319c86ec36afcbd30661f145dc5d734d74dd7284cea60

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:21:50 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 2534
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
x-server-start-time: 1630117587563
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: wwtWrGx0a5yAuSQmHXijhC8sCVDx8jihVUMPBM1q_LFecx-6J-HczQ==
last-modified: Fri, 15 May 2020 23:23:35 GMT
server: nginx
x-server-response-time: 43
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=1800
content-length: 2534
x-amz-cf-id: OxBJ0nhEHeHZCPmTsTqsrNDcENDc3Sdgxk0W17teoSlP9_XTBdyaAg==
expires: Sat, 28 Aug 2021 02:56:27 GMT

GET
H2 200 basel.js Show response
media.assets.sincrod.com/partner-packages/partner-packages-1.0.2858/baselDeploy/ 291 KB
47 KB 20ms
20ms Script
application/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2858/baselDeploy/basel.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 59c2bd8c9d17d40e7119100dba656e402c7a3b326d9fc2441133f93f3c53dcfa

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 27 Aug 2021 17:13:57 GMT
content-encoding: gzip
x-original-content-length: 298476
age: 331673
x-cache: Hit from cloudfront
x-server-start-time: 1630084437609
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: XBxKQA3aOZY2JS2F8TUrVbbIlW0jYOweu5lTYRLZim9x1v5_uJOdNQ==
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 17:13:38 GMT
server: nginx
x-server-response-time: 21
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: KCIVjfxhgB40wdMSI-O9DHE3iwfmX07cdZugX6ZTQ_AmMoa3u-zRKQ==
expires: Sat, 27 Aug 2022 17:13:57 GMT

GET
H2 200 dt.js Show response
dt.cobaltgroup.com/ 22 KB
9 KB 523ms
177ms Script
text/javascript 52.8.197.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=F0C51826C1BD9385CC097807523A7959&webid=gmps-sands-chev&sitetype=dealer&eventId=eb939c80265f10068136080020f0176c&cs:ssi=F0C51826C1BD9385CC097807523A7959&_=1630416107854
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.197.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-197-246.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: b58400b375d1e71bfb7cecdf1975689960feb967d7d626139c6a9ee99dee1861

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
x-autoscale-group: dt-prod-ca-asg
last-modified: Tue, 31 Aug 2021 13:21:50 GMT
server: Display Tracker 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: text/javascript
content-length: 7403
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2

200

websites.gif
traffic.prod.cobaltgroup.com/
Redirect Chain

https://traffic.prod.cobaltgroup.com/websites.gif?header_request_domain=www.sandssurprise.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=HomePage|Advantage&header_reque...
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=http%253a%252f%252ftraffic.prod.cobaltgroup.com%252fwebsites.gif%253fcs%253agvid%253d%255bdtuid%255d%2526header_request_domain%253dwww.sandssu...
https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1630416110620755900&header_request_domain=www.sandssurprise.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=Hom...

43 B
994 B

618ms
618ms

Image
image/gif

13.224.93.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1630416110620755900&header_request_domain=www.sandssurprise.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=HomePage|Advantage&header_request_uri=%2F&header_visitor_id=F0C51826C1BD9385CC097807523A7959&header_event_id=eb939c80265f10068136080020f0176c316602445322&header_session_id=F0C51826C1BD9385CC097807523A7959&header_site_id=46d9f4a0c1de100480a700146edef7ee&cs:plt=3610&cs:svrt=723&cs:ttfb=882&cs:loc=en_US&cs:theme=dcw-design-magic&cs:zip=85388-9602&cs:s=gmps-sands-chev&cs:userState=loggedOut&cs:checksum=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-90.zrh50.r.cloudfront.net
Software: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
last-modified: Wed, 25 Aug 2021 13:35:16 GMT
server: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 43
x-amz-cf-id: oKN14TTolaQhBJEmYdnz-GjtATFWWyb6XuYeMDish-IdCrCMPbEoYA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 31 Aug 2021 13:21:50 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Tue, 31 Aug 2021 13:21:50 GMT
server: CJ Service 2.0
location: https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1630416110620755900&header_request_domain=www.sandssurprise.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=HomePage|Advantage&header_request_uri=%2F&header_visitor_id=F0C51826C1BD9385CC097807523A7959&header_event_id=eb939c80265f10068136080020f0176c316602445322&header_session_id=F0C51826C1BD9385CC097807523A7959&header_site_id=46d9f4a0c1de100480a700146edef7ee&cs:plt=3610&cs:svrt=723&cs:ttfb=882&cs:loc=en_US&cs:theme=dcw-design-magic&cs:zip=85388-9602&cs:s=gmps-sands-chev&cs:userState=loggedOut&cs:checksum=1
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: application/json
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2 200 7cdce3907c97100587d020145edef087.js Show response
media.assets.sincrod.com/teams/repository/export/7cdce3907c97100587d020145edef087/ 51 KB
11 KB 24ms
23ms Script
text/javascript 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/7cdce3907c97100587d020145edef087/7cdce3907c97100587d020145edef087.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: c1c6c18e564c90badd969953bdbc7c5297fdca53dd3eff7f50a6ee69c24b042e

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
x-original-content-length: 52178
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
x-server-start-time: 1630201751149
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: IgeJ2LSU97pBAMbJVmB623wDOs26jIt_VJlExWo2WfOqGkEJ08AStQ==
access-control-allow-origin: *
last-modified: Fri, 14 Jun 2019 22:09:57 GMT
server: nginx
x-server-response-time: 18
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=300
x-amz-cf-id: Id__-1kUgT898yBhF3TqJYvML15qIVCkF3B8qEzNVv8Y8LjA8dEe9w==
expires: Sun, 29 Aug 2021 01:54:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
40 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TM3GV2

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4abe59cc07bbf43797dc654884614277d038f8a4777e87f79b75147f3e7838ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41150
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
42 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NRBMQ6X

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

067dadb7ed931f4736424b158ee429654219d6574e2d366d0ee1b53a6d286ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42715
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 87 KB
34 KB 31ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZ92BXX

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9dd5b77d60f71a9ae346785995d2f5a7c51e5dd3719a5840d47d397ef18628fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35199
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
45 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVRF2Q2

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db21d4df04ee1f7dd99f5c264f41e5e09912fdb5dba405d0b2c1b1f40ef1c68a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45971
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
67 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBTHFZD

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f64b93491aaac72855e932e7a1225047d4f4328689ecb53ab4d1dd4ee1e24148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68897
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11f1f1b9126fa2422f0734e32f4bf421ef0e77099fbc5d90df07dc50ea13c99d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2

200

w.gif
traffic.prod.cobaltgroup.com/
Redirect Chain

https://traffic.prod.cobaltgroup.com/w.gif?cs:ev=eb939c80265f10068136080020f0176c316602445322&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-sands-chev&cs:si=46d9f4a0c1de100480a70014...
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=http%3a%2f%2ftraffic.prod.cobaltgroup.com%2fw.gif%3fcs%3agvid%3d%5bdtuid%5d%26cs%3aev%3deb939c80265f10068136080020f0176c316602445322%26cs%3apg...
https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1630416110620755900&cs:ev=eb939c80265f10068136080020f0176c316602445322&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-sands-chev&cs...

43 B
998 B

487ms
487ms

Image
image/gif

13.224.93.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1630416110620755900&cs:ev=eb939c80265f10068136080020f0176c316602445322&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-sands-chev&cs:si=46d9f4a0c1de100480a700146edef7ee&cs:ssi=F0C51826C1BD9385CC097807523A7959&cs:vi=F0C51826C1BD9385CC097807523A7959&cs:theme=dcw-design-magic&cs:wt=card-header-bc8294d3-6386-4b3f-8e35-40c65dafb647,,0,0,0,1600,167,63,0,0&cs:wt=card-Search%20New-c6b6893d-072f-4627-a6f1-187bdc3f66ef,,0,20,123,135,44,64,0,0&cs:wt=card-navigationCMSf948a313-9d1b9988-22b0-490f-bf0a-d21ac3b5ecf1_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,64,0,0&cs:wt=card-navigationModelInventory7fc19bb0-82073f6d-4864-4a9e-9e90-0fd13a9ec8a8_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,65,0,0&cs:wt=card-Pre-Owned-714e4c7d-9204-444a-926c-5e4d41337d0c,,0,155,123,130,44,65,0,0&cs:wt=card-navigationModelInventory4282e8bc-cb1cb738-281e-4ce9-8372-4316541b66b6_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,65,0,0&cs:wt=card-Specials-b72b6680-bd70-494c-8fe1-9a46d0504e52,,0,285,123,113,44,65,0,0&cs:wt=card-Finance-8b01817f-11ff-4843-9b9b-672a310e2009,,0,398,123,106,44,64,0,0&cs:wt=card-Service%20&%20Parts-73987331-1792-4676-a152-79174783c3ed,,0,504,123,162,44,64,0,0&cs:wt=card-About%20Us-4727225a-6ae7-468e-8c46-92d7d4e7a1ba,,0,666,123,114,44,64,0,0&cs:wt=card-Sell%20to%20Sands-9538f67c-7ed3-4f94-88fd-1bc4b94ea9e5,,0,780,123,128,44,64,0,0&cs:wt=card-aboutMessageCard-73f203f3-254f-4609-941e-9eadc554a0f3,,0,0,168,1600,3485,18,0,0&cs:wt=card-aboutMessageCard-655d0bf4-250e-4cb0-bb20-c000bd1f4cdc,,0,0,168,1600,339,64,0,0&cs:wt=card-genericCard-dd795a26-e3ff-448a-ae74-2b1a5c156c90,,0,0,168,1600,60,64,0,0&cs:wt=card-aboutMessageCard-d9eb9d6f-f0b8-44b2-8488-ed6444691c2a,,0,0,228,1600,279,64,0,0&cs:wt=card-aboutMessageCard-e1466544-9c44-4acf-baae-53e348d45e4d,,0,0,507.328125,1600,104,64,0,0&cs:wt=card-genericCard-52966ade-0481-4609-99ef-fa8c64792e87,,0,0,611.328125,1600,282,50,0,0&cs:wt=card-keywordSearch-c08759b5-14da-40fd-a14c-2af9f122501f,,0,0,714.328125,1600,211,63,0,0&cs:wt=card-InventorySearch-ff53fbd9-55ee-4809-b0d1-3d310b25ce68,,0,0,0,1600,0,51,0,0&cs:wt=card-whyBuyCard-ec8b2984-5af4-4cfa-bbc5-d6d4588f15bd,,0,0,941.328125,1600,678,51,0,0&cs:wt=card-whyBuyCard-c3ca0f29-0d62-409a-90b8-6de868db3ca5,,0,0,0,100,0,50,0,0&cs:wt=card-whyBuyCard-ed80bbf4-2be2-4883-90a1-e207810b4413,,0,0,0,100,0,49,0,0&cs:wt=card-whyBuyCard-28928f68-289f-42b8-ba5f-307119dcd80c,,0,0,1619.421875,1600,590,33,0,0&cs:wt=card-aboutMessageCard-2e3d19f1-2dd4-4e9b-b3db-134e4e9f7783,,0,0,1905.421875,1600,304,33,0,0&cs:wt=card-aboutMessageCard-3027ef63-5236-4358-a674-80a8be5ec6cd,,0,0,0,1600,417,42,0,0&cs:wt=card-aboutMessageCard-7fb1ac93-b8ad-4e00-b5f1-7f1028b1c88d,,0,0,0,100,0,42,0,0&cs:wt=card-aboutMessageCard-c0b08b43-6c1f-4cd2-921d-a9d3ead8e356,,0,0,0,1600,207,38,0,0&cs:wt=card-aboutMessageCard-98fd4d6f-c573-4bc3-ba97-0994df1e0dc7,,0,0,0,100,0,38,0,0&cs:wt=card-aboutMessageCard-b2b2e2db-0d1f-4911-84d7-031ba1f3b3ea,,0,0,0,1600,207,36,0,0&cs:wt=card-aboutMessageCard-c5c55002-7de2-4879-9d5c-af401348c300,,0,0,2677.21875,1600,305,29,0,0&cs:wt=card-aboutMessageCard-5fb090ad-5195-47a0-a577-eac89ba36710-2,,0,0,0,1472,254,31,0,0&cs:wt=card-aboutMessageCard-5fb090ad-5195-47a0-a577-eac89ba36710-3,,0,0,0,1472,254,29,0,0&cs:wt=card-heroCard-6240c903-7f13-4987-9679-618b7e0f9c64,,0,0,3460.96875,1600,115,22,0,0&cs:wt=card-promotionCard-143abe81-9218-4789-a442-87db3c6367f0-0,,0,0,0,1120,115,26,0,0&cs:wt=card-promotionCard-143abe81-9218-4789-a442-87db3c6367f0-1,,0,0,0,1120,115,22,0,0&cs:wt=card-footer-c2320f19-a4be-4e07-a215-57bce36d30a9,,0,0,3652.96875,1600,589,16,0,0&cs:w=1600,1200,142&cs:vs=&cs:checksum=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-90.zrh50.r.cloudfront.net
Software: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
last-modified: Wed, 25 Aug 2021 13:35:16 GMT
server: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 43
x-amz-cf-id: -OapEeAS_WIDyz6vwGH_znHeoZJ6DzP1FgK9pawvaNZBmejz-HfIMQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 31 Aug 2021 13:21:51 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Tue, 31 Aug 2021 13:21:51 GMT
server: CJ Service 2.0
location: https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1630416110620755900&cs:ev=eb939c80265f10068136080020f0176c316602445322&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-sands-chev&cs:si=46d9f4a0c1de100480a700146edef7ee&cs:ssi=F0C51826C1BD9385CC097807523A7959&cs:vi=F0C51826C1BD9385CC097807523A7959&cs:theme=dcw-design-magic&cs:wt=card-header-bc8294d3-6386-4b3f-8e35-40c65dafb647,,0,0,0,1600,167,63,0,0&cs:wt=card-Search New-c6b6893d-072f-4627-a6f1-187bdc3f66ef,,0,20,123,135,44,64,0,0&cs:wt=card-navigationCMSf948a313-9d1b9988-22b0-490f-bf0a-d21ac3b5ecf1_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,64,0,0&cs:wt=card-navigationModelInventory7fc19bb0-82073f6d-4864-4a9e-9e90-0fd13a9ec8a8_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,65,0,0&cs:wt=card-Pre-Owned-714e4c7d-9204-444a-926c-5e4d41337d0c,,0,155,123,130,44,65,0,0&cs:wt=card-navigationModelInventory4282e8bc-cb1cb738-281e-4ce9-8372-4316541b66b6_67366894-6db7-43fe-b86b-e61c242031ae,,0,0,0,100,100,65,0,0&cs:wt=card-Specials-b72b6680-bd70-494c-8fe1-9a46d0504e52,,0,285,123,113,44,65,0,0&cs:wt=card-Finance-8b01817f-11ff-4843-9b9b-672a310e2009,,0,398,123,106,44,64,0,0&cs:wt=card-Service & Parts-73987331-1792-4676-a152-79174783c3ed,,0,504,123,162,44,64,0,0&cs:wt=card-About Us-4727225a-6ae7-468e-8c46-92d7d4e7a1ba,,0,666,123,114,44,64,0,0&cs:wt=card-Sell to Sands-9538f67c-7ed3-4f94-88fd-1bc4b94ea9e5,,0,780,123,128,44,64,0,0&cs:wt=card-aboutMessageCard-73f203f3-254f-4609-941e-9eadc554a0f3,,0,0,168,1600,3485,18,0,0&cs:wt=card-aboutMessageCard-655d0bf4-250e-4cb0-bb20-c000bd1f4cdc,,0,0,168,1600,339,64,0,0&cs:wt=card-genericCard-dd795a26-e3ff-448a-ae74-2b1a5c156c90,,0,0,168,1600,60,64,0,0&cs:wt=card-aboutMessageCard-d9eb9d6f-f0b8-44b2-8488-ed6444691c2a,,0,0,228,1600,279,64,0,0&cs:wt=card-aboutMessageCard-e1466544-9c44-4acf-baae-53e348d45e4d,,0,0,507.328125,1600,104,64,0,0&cs:wt=card-genericCard-52966ade-0481-4609-99ef-fa8c64792e87,,0,0,611.328125,1600,282,50,0,0&cs:wt=card-keywordSearch-c08759b5-14da-40fd-a14c-2af9f122501f,,0,0,714.328125,1600,211,63,0,0&cs:wt=card-InventorySearch-ff53fbd9-55ee-4809-b0d1-3d310b25ce68,,0,0,0,1600,0,51,0,0&cs:wt=card-whyBuyCard-ec8b2984-5af4-4cfa-bbc5-d6d4588f15bd,,0,0,941.328125,1600,678,51,0,0&cs:wt=card-whyBuyCard-c3ca0f29-0d62-409a-90b8-6de868db3ca5,,0,0,0,100,0,50,0,0&cs:wt=card-whyBuyCard-ed80bbf4-2be2-4883-90a1-e207810b4413,,0,0,0,100,0,49,0,0&cs:wt=card-whyBuyCard-28928f68-289f-42b8-ba5f-307119dcd80c,,0,0,1619.421875,1600,590,33,0,0&cs:wt=card-aboutMessageCard-2e3d19f1-2dd4-4e9b-b3db-134e4e9f7783,,0,0,1905.421875,1600,304,33,0,0&cs:wt=card-aboutMessageCard-3027ef63-5236-4358-a674-80a8be5ec6cd,,0,0,0,1600,417,42,0,0&cs:wt=card-aboutMessageCard-7fb1ac93-b8ad-4e00-b5f1-7f1028b1c88d,,0,0,0,100,0,42,0,0&cs:wt=card-aboutMessageCard-c0b08b43-6c1f-4cd2-921d-a9d3ead8e356,,0,0,0,1600,207,38,0,0&cs:wt=card-aboutMessageCard-98fd4d6f-c573-4bc3-ba97-0994df1e0dc7,,0,0,0,100,0,38,0,0&cs:wt=card-aboutMessageCard-b2b2e2db-0d1f-4911-84d7-031ba1f3b3ea,,0,0,0,1600,207,36,0,0&cs:wt=card-aboutMessageCard-c5c55002-7de2-4879-9d5c-af401348c300,,0,0,2677.21875,1600,305,29,0,0&cs:wt=card-aboutMessageCard-5fb090ad-5195-47a0-a577-eac89ba36710-2,,0,0,0,1472,254,31,0,0&cs:wt=card-aboutMessageCard-5fb090ad-5195-47a0-a577-eac89ba36710-3,,0,0,0,1472,254,29,0,0&cs:wt=card-heroCard-6240c903-7f13-4987-9679-618b7e0f9c64,,0,0,3460.96875,1600,115,22,0,0&cs:wt=card-promotionCard-143abe81-9218-4789-a442-87db3c6367f0-0,,0,0,0,1120,115,26,0,0&cs:wt=card-promotionCard-143abe81-9218-4789-a442-87db3c6367f0-1,,0,0,0,1120,115,22,0,0&cs:wt=card-footer-c2320f19-a4be-4e07-a215-57bce36d30a9,,0,0,3652.96875,1600,589,16,0,0&cs:w=1600,1200,142&cs:vs=&cs:checksum=1
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: application/json
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2 200 wrapper.js Show response
universal.iperceptions.com/ 9 KB
4 KB 48ms
12ms Script
application/javascript 2600:9000:2182:b600:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/wrapper.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/teams/repository/export/2e8/15bb0c16e1005809c0050568bfc31/2e815bb0c16e1005809c0050568bfc31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:b600:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 13:18:45 GMT
content-encoding: gzip
content-md5: d5YIeO59lrTqhttidyvULA==
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
access-control-allow-origin: *
last-modified: Mon, 22 Mar 2021 18:02:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-ms-request-id: fa25a0e0-901e-0083-4d88-9d5030000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-id: ZIFbZsP0rVZydCnL7Wpv16c_Ql7_WBtly5czIa3CC26glnf0UdXaqg==

GET
H3-29 200 733415227104027 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 93ms
92ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/733415227104027?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

932b69b485b9ab610183efefa65041d281bc489d14d91df150252ed2f84a5e60

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: XRqu3AAtgtvL9+EtmZDvc/bZajWwxlKoSIGL5n+w2GH5RnMlmDCQh1IV7hZopE8q2C2hOGuAyjHFObzsP8lr2Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 31 Aug 2021 13:21:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rules-p-YrB3f55X0U0rf.js Show response
rules.quantcount.com/ 993 B
1 KB 413ms
397ms Script
application/javascript 2600:9000:223c:e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-YrB3f55X0U0rf.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-d-vRjvTMWyhsd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe746d83998e1240839c0bc23a41e1d7b874d3c5da578463a6136193a6ba8eb5

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 993
last-modified: Fri, 24 Apr 2020 19:43:16 GMT
server: AmazonS3
etag: "5f96fb377e1a554abbe9e9963fe86711"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: rq_uWAcUo31Q6wG-s12PsdblqlAaSJU8sdpcH3mW_dVWPeyU9j_meQ==

GET
H2 200 DOACT-72.css
media.assets.sincrod.com/agency/release/iz/solutions/DOACT-72/ 780 B
1 KB 33ms
32ms Stylesheet
text/css 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/iz/solutions/DOACT-72/DOACT-72.css
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/agency/release/iz/framework/js/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: db804a7265adb15818011a82c75949956e5b13e2bf596495bee582ae7c6e9ef8

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:21:50 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 780
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
x-server-start-time: 1630197182997
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: vbj9RkF7lGT-EhF7fWzNsz87291vgAztUgTdMLuRJHp9wg78XsTGww==
last-modified: Thu, 19 Aug 2021 21:13:31 GMT
server: nginx
x-server-response-time: 16
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=1800
content-length: 780
x-amz-cf-id: 2w3yZ6N9W9N1_2r-9RhBgy5YLTBskz-cfzQW_f8xxXLU96vWcpEJ7w==
expires: Sun, 29 Aug 2021 01:03:03 GMT

GET
H2 200 iz-load.png
tag.digops.sincro.io/ 68 B
702 B 644ms
592ms Image
image/png 2600:9000:2182:3a00:1d:cf92:a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.digops.sincro.io/iz-load.png?t=DOACT-72&w=gmps-sands-chev&p=HomePage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3a00:1d:cf92:a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 02:43:21 GMT
server: nginx/1.19.10
x-amz-cf-pop: DUS51-C1
etag: "60ff72c9-44"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 68
x-amz-cf-id: j08wGjJ0UiTOsyhHZIloUQR5o4EmNwA0rtsyjL8q0uU3SIEJAbvTxg==

GET
H2 200 DOACT-29.css
media.assets.sincrod.com/agency/release/iz/solutions/DOACT-29/ 104 B
692 B 23ms
22ms Stylesheet
text/css 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/iz/solutions/DOACT-29/DOACT-29.css
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/agency/release/iz/framework/js/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a8b1c9fd568598f6ddbf5ec91503f98a1a956915aca330b4024082e01d39bc24

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 31 Aug 2021 13:11:35 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-original-content-length: 104
age: 615
x-cache: Hit from cloudfront
x-server-start-time: 1630113805499
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: vlnF37yU1_2RO6Tk4_J1BUMPE1YkOIqnoaxFTjLy-P5kRRC4O3i0gA==
last-modified: Fri, 30 Jul 2021 05:48:15 GMT
server: nginx
x-server-response-time: 33
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=1800
x-amz-cf-pop: DUS51-C1
content-length: 104
x-amz-cf-id: G97tXFQ2mqjRxfpXdVS-cNk028uqluyhI2pjHYiAl4lAQ6k0GC7uQw==
expires: Sat, 28 Aug 2021 01:53:25 GMT

GET
H2 200 iz-load.png
tag.digops.sincro.io/ 68 B
696 B 640ms
589ms Image
image/png 2600:9000:2182:3a00:1d:cf92:a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.digops.sincro.io/iz-load.png?t=DOACT-29&w=gmps-sands-chev&p=HomePage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3a00:1d:cf92:a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 02:43:21 GMT
server: nginx/1.19.10
x-amz-cf-pop: DUS51-C1
etag: "60ff72c9-44"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 68
x-amz-cf-id: 0rhZHK3w9OfSJd9wIQWuKPYzUg7pBDc-0N7GJ_-iCki0uEXs8zLFmw==

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 2 KB
3 KB 84ms
36ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1177748&mt_adid=157853&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/e39f15e0949c100588110050568b5709.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master cdg-pixel-x10 /
Resource Hash: 66b0dfe940bb442336b8b90a52f8d3e3a4777ab553722b88e872bb2ea096833f

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:50 GMT
Server: MT3 3865 cc0e612 master cdg-pixel-x10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 2109
Expires: Tue, 31 Aug 2021 13:21:49 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 2 KB
3 KB 103ms
42ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1037573&mt_adid=157853&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/e39f15e0949c100588110050568b5709.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master cdg-pixel-x25 /
Resource Hash: 15b1a78f02470add6d2b91cefc46f3d1f7da2ce52b85ecb960c8f913e8685874

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:50 GMT
Server: MT3 3865 cc0e612 master cdg-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 2109
Expires: Tue, 31 Aug 2021 13:21:49 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-10793379-2

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/teams/repository/export/7cdce3907c97100587d020145edef087/7cdce3907c97100587d020145edef087.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2641b1324c41098791d1e2bff0f7992c69ff38800f3c0a24fc8a1efe7527207f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41287
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H2 200 icon1.png
c.evidon.com/pub/ 600 B
907 B 62ms
21ms Image
image/png 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/pub/icon1.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2011 18:30:38 GMT
server: AkamaiNetStorage
etag: "d08da9f445b63100a56646de99043059:1307039438"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 623

GET
H2 204 p.gif
l.betrad.com/pub/ 0
121 B 298ms
99ms Image
text/plain 52.44.38.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/pub/p.gif?pid=22486&ocid=6896&ii=1&mb=0&r=0.8664355900155867
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.38.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-38-222.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 modules.189ddfe225c89657c20d.js Show response
script.hotjar.com/ 221 KB
59 KB 64ms
22ms Script
application/javascript 13.32.121.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.189ddfe225c89657c20d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2020696.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-41.fra60.r.cloudfront.net

Software

Resource Hash

789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 361485
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59569
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 08:56:36 GMT
etag: "00ab92e1048f75ffd0466b24cae7a3f0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: G_VnrmDxsyTv0cr0H6a-OrfOaCYVdcBB1lTtNMzVxUhHoN0hNbrrrA==

GET
H2 200 icon
fonts.googleapis.com/ 568 B
461 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2858/baselDeploy/basel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 13:21:50 GMT
server: ESF
date: Tue, 31 Aug 2021 13:21:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H2 200 master.css
media.assets.sincrod.com/partner-packages/partner-packages-1.0.2858/baselDeploy/ 5 KB
2 KB 15ms
14ms Stylesheet
text/css 13.226.155.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2858/baselDeploy/master.css
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2858/baselDeploy/basel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-108.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: fe4348eaa2a357ccc3a9043c01635b6bd617044116d50d8fbc8c46e9ac57d2c2

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 27 Aug 2021 17:13:57 GMT
content-encoding: gzip
x-original-content-length: 4720
age: 331672
x-cache: Hit from cloudfront
x-server-start-time: 1630084437920
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: dVEQVCSlDMxbaNkrEy0qdIKAB_ekNi6qaDp-uwQMiLmnrtY0NyNonA==
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 17:13:37 GMT
server: nginx
x-server-response-time: 20
vary: Accept-Encoding
content-type: text/css
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: XOKf4lAT8V7g-RfS5jk7E5cQyjfsHxZ0zYORTAETFlnuL9eOnqD3gg==
expires: Sat, 27 Aug 2022 17:13:57 GMT

GET
BLOB 200
OK 3efdd483-bc46-4c4b-b1e2-3407662f773f
https://www.sandssurprise.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandssurprise.com/3efdd483-bc46-4c4b-b1e2-3407662f773f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 9141

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRBMQ6X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1790
date: Tue, 31 Aug 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 31 Aug 2021 14:52:00 GMT

GET
H2 200 core.min.js Show response
services.cdn.speedshiftmedia.com/gf/ 39 KB
13 KB 72ms
14ms Script
application/javascript 13.226.155.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.cdn.speedshiftmedia.com/gf/core.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRBMQ6X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-84.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6318a0e68ef34c21191bf2f95328f92a8f6a1d552e5975c5e615eff02708b3d4

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 03:36:29 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 01:00:02 GMT
server: AmazonS3
age: 35122
etag: "bc463076a8ae4c0f8de4a3ca61573069"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
x-amz-meta-git: 06f68489d0aceb45fc3ec2ebd0435e0eab9a8fac
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 13225
x-amz-cf-id: lSJscfKl3FlJY9dUoyeMcY7F54Tajp2D2vIRR5VojweU27Nkd23mvQ==

GET
H/1.1 200
OK tv2track.js Show response
collector-6821.tvsquared.com/ 20 KB
9 KB 141ms
29ms Script
application/javascript 18.202.15.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-6821.tvsquared.com/tv2track.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.15.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-15-91.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Jul 2021 13:21:20 GMT
Server: nginx
ETag: "60df12d0-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Tue, 31 Aug 2021 13:31:50 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 41ms
20ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBTHFZD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14053
x-xss-protection: 0
server: cafe
etag: 9441931574288766250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H2

200

UCMController Show response
login.dotomi.com/ucm/ Frame 9218
Redirect Chain

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Chevrolet&dealer_id=256053&dealer_name=Sands%20Chevrolet%2...
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_fid%3D176%26dtm_cid%3D2925%26dtm_cmag...
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Chevrolet&dealer_id=256053&dealer_name=Sands+Chevro...

2 KB
1 KB

20ms
19ms

Document
text/html

64.158.223.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Chevrolet&dealer_id=256053&dealer_name=Sands+Chevrolet+-+Surprise&dtm_user_id=F0C51826C1BD9385CC097807523A7959&page_type=HomePage&canonical_url=https%3A%2F%2Fwww.sandssurprise.com%2F&dtmc_loc=https%3A%2F%2Fwww.sandssurprise.com%2F&dtm_user_ip=89.249.64.203&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.sandssurprise.com%2F&gdpr_consent=
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-usadmm.dotomi.com
Software: nginx /
Resource Hash: 27c20f637413e9f7e87a546ed1489058a4ad21536cdd396e78ae0fdc3ddc9573

Request headers

:method: GET
:authority: login.dotomi.com
:scheme: https
:path: /ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Chevrolet&dealer_id=256053&dealer_name=Sands+Chevrolet+-+Surprise&dtm_user_id=F0C51826C1BD9385CC097807523A7959&page_type=HomePage&canonical_url=https%3A%2F%2Fwww.sandssurprise.com%2F&dtmc_loc=https%3A%2F%2Fwww.sandssurprise.com%2F&dtm_user_ip=89.249.64.203&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.sandssurprise.com%2F&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sandssurprise.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sandssurprise.com/

Response headers

server: nginx
date: Tue, 31 Aug 2021 13:21:50 GMT
content-type: text/html
content-length: 992
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-encoding: gzip

Redirect headers

server: nginx
date: Tue, 31 Aug 2021 13:21:50 GMT
content-length: 0
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
location: https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Chevrolet&dealer_id=256053&dealer_name=Sands+Chevrolet+-+Surprise&dtm_user_id=F0C51826C1BD9385CC097807523A7959&page_type=HomePage&canonical_url=https%3A%2F%2Fwww.sandssurprise.com%2F&dtmc_loc=https%3A%2F%2Fwww.sandssurprise.com%2F&dtm_user_ip=89.249.64.203&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.sandssurprise.com%2F&gdpr_consent=

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
51 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBGB6LV

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c1c98161c0fd09df54cf43c2c73a42833098e8b7a20bc61a4fbb8acc60fdbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51873
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 87 KB
35 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3DB5M4

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfe0ee1eb8a8e72dbf41439470e4afeaec59aa8f41477d4d451ea8b742ae0189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35507
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 50ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBTHFZD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 6A555522F937417FBEF28BCC90AC1CCE Ref B: FRAEDGE1517 Ref C: 2021-08-31T13:21:50Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 708A 2 KB
1 KB 74ms
24ms Document
text/html 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2020696.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sandssurprise.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sandssurprise.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: edqxUeTNNjcLReKitdnLp2jGTiuaVDsQjufrthBUJ-NuemG3iefP8A==
age: 3848720

GET
H2 200 iFrame.html Show response
universal.iperceptions.com/ Frame C45E 2 KB
1 KB 17ms
16ms Document
text/html 2600:9000:2182:b600:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/iFrame.html
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:b600:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb

Request headers

:method: GET
:authority: universal.iperceptions.com
:scheme: https
:path: /iFrame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sandssurprise.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sandssurprise.com/

Response headers

content-type: text/html
content-md5: Vmg/mBwwVR6Kl52r4KoGqg==
last-modified: Tue, 28 Jan 2020 16:03:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d96893d1-901e-00a1-0dc0-9b3e06000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 31 Aug 2021 13:17:03 GMT
vary: Accept-Encoding
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
cache-control: public,max-age=7200
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: F69MrvmkscNgt8ygqfshUZBh_yxDq-g7sywdKKm63enlO054-Xcf-w==

GET
H2 200 pixel.gif
px.marchex.io/ 43 B
285 B 106ms
106ms Image
image/gif 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/pixel.gif?c=1630416110653&p=rZ.jzF,H5rcRI,wNbjeB,YeGyzF,GxrezF,og.NAD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac86f97"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H2 200 pixel.gif
px.marchex.io/ 43 B
285 B 106ms
106ms Image
image/gif 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/pixel.gif?c=1630416110653&p=rZ.jzF,H5rcRI,wNbjeB,YeGyzF,GxrezF,og.NAD&cid=Q6kaDT7u0x6b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac86f97"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H3-29 200 490712841102742 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 209ms
209ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/490712841102742?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c43de6ddb2667a5c9e75cb281475854a83bd69c22d9774c21a2c866106e9c717

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: i5DRbz1dmzWOBLjpzsJyOyeCF7ovDuXPkIju3cD9pKpa6ofF0/7f1j2wCKZOPvI+Hq3UBJOyKKqMcssYn2q6PQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 31 Aug 2021 13:21:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 19ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=733415227104027&ev=PageView&dl=https%3A%2F%2Fwww.sandssurprise.com%2F&rl=&if=false&ts=1630416110692&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630416110691.292569011&it=1630416110372&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 7F85 631 B
949 B 58ms
58ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=662c612e-2cee-4f00-afee-8f3cd034acbe&no_iframe=1&mt_adid=157853&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1177748&mt_adid=157853&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master zrh-pixel-x10 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Host: pixel.mathtag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sandssurprise.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid=a908612e-2cee-4e00-8191-5e64b560c33f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sandssurprise.com/

Response headers

Content-Type: text/html
Content-Length: 631
Server: MT3 3865 cc0e612 master zrh-pixel-x10
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Tue, 31 Aug 2021 13:21:49 GMT
Date: Tue, 31 Aug 2021 13:21:50 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ 43 B
360 B 81ms
81ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1197291&mt_adid=157853&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_uuid=662c612e-2cee-4f00-afee-8f3cd034acbe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master cdg-pixel-x12 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:50 GMT
Server: MT3 3865 cc0e612 master cdg-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 13:21:49 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ 43 B
360 B 98ms
53ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1197291&mt_adid=157853&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_uuid=a908612e-2cee-4e00-8191-5e64b560c33f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master cdg-pixel-x30 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:50 GMT
Server: MT3 3865 cc0e612 master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 13:21:49 GMT

GET
H2 200 pixel.gif
px.marchex.io/ 43 B
285 B 98ms
98ms Image
image/gif 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/pixel.gif?c=1630416110705&p=rZ.jzF,H5rcRI,wNbjeB,YeGyzF,GxrezF,og.NAD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac86f97"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H2 200 pixel.gif
px.marchex.io/ 43 B
285 B 98ms
98ms Image
image/gif 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/pixel.gif?c=1630416110705&p=rZ.jzF,H5rcRI,wNbjeB,YeGyzF,GxrezF,og.NAD&cid=Q6kaDT7u0x6b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac86f97"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=515554383&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandssurprise.com%2F&ul=en-us&de=UTF-8&dt=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1973363492&gjid=1051690411&cid=1325343440.1630416111&tid=UA-145050188-3&_gid=2000140333.1630416111&_r=1&gtm=2wg8u0NRBMQ6X&cd5=GTM-NRBMQ6X&cd6=3928.699996948242&z=1046587426

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandssurprise.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 23ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=515554383&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandssurprise.com%2F&ul=en-us&de=UTF-8&dt=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=2110238345&gjid=330878679&cid=1325343440.1630416111&tid=UA-112628093-21&_gid=2000140333.1630416111&_r=1&gtm=2wg8p0NBTHFZD&z=1707738533

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandssurprise.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 19ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=515554383&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandssurprise.com%2F&ul=en-us&de=UTF-8&dt=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=511591998&gjid=1545270530&cid=1325343440.1630416111&tid=UA-111031593-1&_gid=2000140333.1630416111&_r=1&gtm=2wg8p0NBTHFZD&z=2106560219

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandssurprise.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=515554383&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandssurprise.com%2F&ul=en-us&de=UTF-8&dt=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1956519529&gjid=941876234&cid=1325343440.1630416111&tid=UA-10793379-2&_gid=2000140333.1630416111&_r=1&gtm=2ou8u0&z=2004536048

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandssurprise.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
480 B 49ms
40ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master cdg-pixel-x29 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:50 GMT
Server: MT3 3865 cc0e612 master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 13:21:49 GMT

GET
H2 200 sandssurprise.com.js Show response
cdn.speedshiftmedia.com/domain_settings/ 152 B
477 B 97ms
26ms Script
application/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedshiftmedia.com/domain_settings/sandssurprise.com.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRBMQ6X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af56a504331fa3510b185436f7a50c56099fc4bdaa23181f2e070d66a9320309

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
last-modified: Fri, 27 Nov 2020 00:56:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "f2588895246447c32ecd1e289112b89c"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 152
x-amz-cf-id: Nc2OwyCraj6HxZDWc47-2hWQA-rV3yWb6XziYhJ3JLRex558SfXNlg==

GET
H/1.1 200
OK carnow_plugin.js Show response
app.carnow.com/dealers/ 7 KB
4 KB 436ms
131ms Script
text/javascript 23.20.64.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.carnow.com/dealers/carnow_plugin.js?key=gmps-sands-chev

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2858/baselDeploy/basel.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.64.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-64-84.compute-1.amazonaws.com

Software

nginx /

Resource Hash

34b6437e371274f0a9d954c7cd17cf107116f12167f73c333bd7a5d86e285b84

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Runtime: 0.031635
Date: Tue, 31 Aug 2021 13:21:51 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: ALLOWALL
Vary: Accept-Encoding, Origin
Content-Type: text/javascript; charset=utf-8
Status: 200 OK
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2834
X-Request-Id: f0896760-a362-471e-bea8-a06ceefe8ee8

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 24E6 5 KB
6 KB 103ms
103ms Document
text/html 209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=hbAIZFE9Tf2ihm4ODbNCPw&ep=S4PNcDHn_OfuF1P5nET4mjoVrmzxNjSrMsKYEzfyHr0qrr5epVNM6kpTjDR8JmZPBnGSttxmNvXIQmguk4Yed8AqkvNfUxVG65HZE0bKl0k

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dcdd4df1b-a42a-c19e-31b8-ca1670a58a4f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.sandssurprise.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3DCDD4DF1B-A42A-C19E-31B8-CA1670A58A4F&cb=423643020593420740&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

21c1109a2d388102dd8a7f1bd4ca52a72b3580c0d4954604223670a4dee14d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dcdd4df1b-a42a-c19e-31b8-ca1670a58a4f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.sandssurprise.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3DCDD4DF1B-A42A-C19E-31B8-CA1670A58A4F&cb=423643020593420740&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A2Hgda15xEn0gRGfZc96SD0; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dcdd4df1b-a42a-c19e-31b8-ca1670a58a4f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.sandssurprise.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3DCDD4DF1B-A42A-C19E-31B8-CA1670A58A4F&cb=423643020593420740&dcc=t

Response headers

Server: Server
Date: Tue, 31 Aug 2021 13:21:50 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 5343
Connection: keep-alive
x-amz-rid: SQH7B2GV3V62XA3XBQEG
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
91 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-145050188-3&cid=1325343440.1630416111&jid=1973363492&gjid=1051690411&_gid=2000140333.1630416111&_u=YEBAAEAAAAAAAC~&z=1016274370

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 31 Aug 2021 13:21:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.sandssurprise.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-112628093-21&cid=1325343440.1630416111&jid=2110238345&gjid=330878679&_gid=2000140333.1630416111&_u=YEDAAEABAAAAAC~&z=1131299930

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 31 Aug 2021 13:21:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.sandssurprise.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-111031593-1&cid=1325343440.1630416111&jid=511591998&gjid=1545270530&_gid=2000140333.1630416111&_u=YEDAAEABAAAAAC~&z=141759892

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 31 Aug 2021 13:21:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.sandssurprise.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-10793379-2&cid=1325343440.1630416111&jid=1956519529&gjid=941876234&_gid=2000140333.1630416111&_u=YEDAAUABAAAAAC~&z=1869677383

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 31 Aug 2021 13:21:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.sandssurprise.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js Show response
assets.adobedtm.com/ 227 KB
71 KB 22ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBGB6LV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 352eeb469764e58c4b87d168bc9c9fe4fd33c3e2ce387e7aacfa4194ce214a95

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 23:34:55 GMT
server: AkamaiNetStorage
etag: "cbec75bd377d3142e85ac7625265fdfe:1628206495.875493"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.sandssurprise.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 72164
expires: Tue, 31 Aug 2021 14:21:50 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1042608535/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1042608535/?random=1630416110823&cv=9&fst=1630416110823&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sandssurprise.com%2F&tiba=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad67297ca4181b7c0511a967b822d52be8b1e33c7f40ffdfe7c318c9f0fbdb7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/878589504/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878589504/?random=1630416110828&cv=9&fst=1630416110828&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&data=dynx_itemid%3D%3Bdynx_itemid2%3D%3Bdynx_itemid3%3DHome&frm=0&url=https%3A%2F%2Fwww.sandssurprise.com%2F&tiba=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a5e33ede4874ab2f932af0a3274d5f7390185ebc4989cbf09fb619b77326fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 co Show response
api.speedshiftmedia.com/public/gfu/v2/ 107 B
402 B 105ms
38ms Script
text/javascript 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.speedshiftmedia.com/public/gfu/v2/co?callback=window.SSMGF.u.fn.cb_co&o=g
Requested by: Host: services.cdn.speedshiftmedia.com
URL: https://services.cdn.speedshiftmedia.com/gf/core.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 878de6ff490fb5c78e111c5ed8be00c71cd31b1d4cfcfb82ed27222d26e2212b

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
via: 1.1 59d5785a1d012a54118141e7e216a493.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P2
vary: *
x-cache: LambdaGeneratedResponse from cloudfront
content-type: text/javascript; charset=utf8
access-control-allow-origin: *
content-length: 107
x-amz-cf-id: M56ykgrUnE5HE7vRf7BmMoLnlVrB_sEQeWyMi-C5xX1gL9Fzm2v68g==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
30ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-112628093-21&cid=1325343440.1630416111&jid=2110238345&_u=YEDAAEABAAAAAC~&z=1139327014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
29ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-112628093-21&cid=1325343440.1630416111&jid=2110238345&_u=YEDAAEABAAAAAC~&z=1139327014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-111031593-1&cid=1325343440.1630416111&jid=511591998&_u=YEDAAEABAAAAAC~&z=1239669307

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-111031593-1&cid=1325343440.1630416111&jid=511591998&_u=YEDAAEABAAAAAC~&z=1239669307

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
72 B 32ms
30ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-10793379-2&cid=1325343440.1630416111&jid=1956519529&_u=YEDAAUABAAAAAC~&z=684454655

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 42ms
39ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-10793379-2&cid=1325343440.1630416111&jid=1956519529&_u=YEDAAUABAAAAAC~&z=684454655

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 18001525.js Show response
bat.bing.com/p/action/ 0
109 B 176ms
175ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/18001525.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Aug 2021 13:21:50 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: D463C47573CB4D7F96EAE81478A05F4B Ref B: FRAEDGE1517 Ref C: 2021-08-31T13:21:50Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
148 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=18001525&tm=gtm002&Ver=2&mid=ce05285b-91e3-429b-bd31-35b1112319dd&sid=66bd42f00a5e11ecab03ff28e6800e17&vid=66bd77700a5e11ecbaf6a3fdeaf1d228&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria,%20Avondale%20%26%20Phoenix&kw=Sands%20Chevrolet%20-%20Surprise,%20Sands%20Chevrolet,%20Glendale%20AZ%20truck,%20surprise%20chevrolet,%20Avondale%20chevrolet,%20Buckeye%20Chevrolet,%20Goodyear%20Chevrolet,%20Peoria%20Chevrolet,%20Glendale%20AZ%20used%20cars,%20chevrolet%20Glendale%20AZ,%20Glendale%20AZ%20chevrolet,%20chevy%20scottsdale,%20scottsdale%20chevy,%20Glendale%20AZ%20trucks,%20trucks%20Glendale%20AZ,%20chevy%20Glendale%20AZ,%20Glendale%20AZ%20chevy,%20scottsdale%20chevrolet,%20chevrolet%20scottsdale,%20Glendale%20AZ%20auto%20dealers,%20Glendale%20AZ%20car%20dealers,%20Glendale%20AZ%20car%20dealership,%20El%20Mirage%20Chevrolet&p=https%3A%2F%2Fwww.sandssurprise.com%2F&r=&lt=2020&evt=pageLoad&msclkid=N&sv=1&rn=517202
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2E2556A58E2440B88F3BDF62019F2473 Ref B: FRAEDGE1517 Ref C: 2021-08-31T13:21:50Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tv2track.php
collector-6821.tvsquared.com/ 42 B
276 B 31ms
29ms Image
image/gif 18.202.15.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-6821.tvsquared.com/tv2track.php?action_name=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&idsite=TV-36187281-1&rec=1&r=280980&h=15&m=21&s=50&url=https%3A%2F%2Fwww.sandssurprise.com%2F&_id=6a03c252812d804e&_idts=1630416111&_idvc=0&_idn=1&_viewts=&cookie=1&res=1600x1200&gt_ms=910
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.15.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-15-91.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:50 GMT
Server: nginx
Connection: keep-alive
Request-Id: dd6f963f-5629-4f51-bc52-8e47c3f92524
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Content-Type: image/gif

GET
H2 200 ckCookies.js Show response
dt.cobaltgroup.com/dt/ 17 B
170 B 165ms
165ms Script
text/javascript 52.8.197.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.cobaltgroup.com/dt/ckCookies.js?dtuid=1630416110620755900
Requested by: Host: dt.cobaltgroup.com
URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=F0C51826C1BD9385CC097807523A7959&webid=gmps-sands-chev&sitetype=dealer&eventId=eb939c80265f10068136080020f0176c&cs:ssi=F0C51826C1BD9385CC097807523A7959&_=1630416107854
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.197.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-197-246.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: 46787dd8637d6a3eb90accc10852bfbcec47e4509d0e8be42535e007d253c78b

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
x-autoscale-group: dt-prod-ca-asg
server: Display Tracker 2.0
content-length: 37
content-type: text/javascript

GET
H3-29 200 tr
www.facebook.com/ 44 B
91 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=2340370346232083&ev=ViewContent&cd[content_type]=product&cd[content_ids]=_gmps-sands-chev&cd[fb_webid]=gmps-sands-chev&cd[fb_make]=&cd[fb_model]=&cd[fb_condition]=&cd[fb_stage]=nonshopper&noscript=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H/1.1 200
OK iu3
s.amazon-adsystem.com/ 0
0 122ms
106ms Image
text/html 209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 g.pixel
aa.agkn.com/adscores/ 43 B
351 B 75ms
20ms Image
image/gif 18.169.236.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212297528&puid=1630416110620755900
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.236.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-236-234.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 msid.gif
px.marchex.io/ 43 B
285 B 100ms
98ms Image
image/gif 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/msid.gif?spid=cdk&uid=1630416110620755900
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac87f37"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H2 451 398676.gif
idsync.rlcdn.com/ 0
66 B 32ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398676.gif?partner_uid=1630416110620755900
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET a.gif
s.ixiaa.com/ 0
0

GET
H2 200 L21rdC84MTYvY2lkLzI4NTkwODExL3QvMi9jYXQvMzE2MTg0MTQ
d.turn.com/r/dd/id/ 43 B
407 B 64ms
31ms Image
image/gif 2001:678:cb4:bbbb::13
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTkwODExL3QvMi9jYXQvMzE2MTg0MTQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 pixel;r=1620200450;labels=_fp.channel.sandssurprise%2C_fp.event.homepage;rf=0;a=p-YrB3f55X0U0rf;url=https%3A%2F%2Fwww.sandssurprise.com%2F;uht=2;fpan=1;fpa=P0-390560680-1630416110872;pbcn=u;pbc=;ns...
pixel.quantserve.com/ 35 B
370 B 18ms
11ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1620200450;labels=_fp.channel.sandssurprise%2C_fp.event.homepage;rf=0;a=p-YrB3f55X0U0rf;url=https%3A%2F%2Fwww.sandssurprise.com%2F;uht=2;fpan=1;fpa=P0-390560680-1630416110872;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=sandssurprise.com;je=0;sr=1600x1200x24;dst=1;et=1630416110871;tzo=-120;ogl=title.Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%252C%20Avondale%20%26%20Pho%2Ctype.Website%2Cdescription.Sands%20Chevrolet%20-%20Surprise%20is%20proud%20to%20be%20your%20Arizona%20Chevy%20dealership%20serving%20%2Curl.https%3A%2F%2Fwww%252Esandssurprise%252Ecom%2F%3Fcs%3Ae%3Dm%26cs%3Aq%3DSands%2520Chevy%2520Avondale%26cs%3Am%3Db%26cs%3Aci

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1042608535/ 42 B
74 B 20ms
18ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1042608535/?random=1630416110823&cv=9&fst=1630414800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sandssurprise.com%2F&tiba=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&async=1&fmt=3&is_vtc=1&random=4028228953&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1042608535/ 42 B
64 B 27ms
25ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1042608535/?random=1630416110823&cv=9&fst=1630414800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sandssurprise.com%2F&tiba=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&async=1&fmt=3&is_vtc=1&random=4028228953&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/878589504/ 42 B
74 B 21ms
19ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/878589504/?random=1630416110828&cv=9&fst=1630414800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&data=dynx_itemid%3D%3Bdynx_itemid2%3D%3Bdynx_itemid3%3DHome&frm=0&url=https%3A%2F%2Fwww.sandssurprise.com%2F&tiba=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&async=1&fmt=3&is_vtc=1&random=1803663074&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/878589504/ 42 B
64 B 29ms
27ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/878589504/?random=1630416110828&cv=9&fst=1630414800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&data=dynx_itemid%3D%3Bdynx_itemid2%3D%3Bdynx_itemid3%3DHome&frm=0&url=https%3A%2F%2Fwww.sandssurprise.com%2F&tiba=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&async=1&fmt=3&is_vtc=1&random=1803663074&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 7F85 43 B
479 B 40ms
38ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=662c612e-2cee-4f00-afee-8f3cd034acbe&no_iframe=1&mt_adid=157853&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master cdg-pixel-x8 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=662c612e-2cee-4f00-afee-8f3cd034acbe&no_iframe=1&mt_adid=157853&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:50 GMT
Server: MT3 3865 cc0e612 master cdg-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 13:21:49 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
43 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MLR26JQ

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cc2cc9235c415e0a3726208c1d7ffffebd26366170b1a9139bb4defe8fc49b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43492
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 127ms
37ms XHR
application/json 52.30.146.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=757A02BE532B22BA0A490D4C%40AdobeOrg&d_nsid=0&ts=1630416110911

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.146.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-146-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

90c3b7a05fde380bbfd62784e4cd642c500f7dd917b21c960f7a8a024ef3f9a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v015-0c67acd41.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: joLpcCclQ6U=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.sandssurprise.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1445
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/ 36 KB
13 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b688b7d8c9a306ac5fc64ab06561ca04693e1c5d0ea9877a4c853581d04971ea

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 22:19:26 GMT
server: AkamaiNetStorage
etag: "279821f231e2e055aa15fd6e6ae29d46:1568067566.281876"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.sandssurprise.com
x-check-cacheable: YES
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 13336
expires: Tue, 31 Aug 2021 14:21:50 GMT

GET
H2 200 RCca63a177a1d64fe0aec3a1388bc3d9f5-source.min.js Show response
assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/ 647 B
694 B 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/RCca63a177a1d64fe0aec3a1388bc3d9f5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4415a92e2478a9fa45c84f12d1b7d1c0a011e6f7bc53ca52d5cde89b69ac5d07

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 23:34:56 GMT
server: AkamaiNetStorage
etag: "333980060412e9d4ecc81efeb0f17a4f:1628206496.558315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.sandssurprise.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 425
expires: Tue, 31 Aug 2021 14:21:50 GMT

GET
H2 200 RC894f28d065874016ba629c2ff3ccfedc-source.min.js Show response
assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/ 1 KB
930 B 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/RC894f28d065874016ba629c2ff3ccfedc-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c64cafe43d3208b81945ee51b231f94555024d8bedeb47437ec5b7010ff50e04

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 23:34:56 GMT
server: AkamaiNetStorage
etag: "333980060412e9d4ecc81efeb0f17a4f:1628206496.558315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.sandssurprise.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 661
expires: Tue, 31 Aug 2021 14:21:50 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=889dny99999cG08C

43 B
556 B

288ms
103ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=889dny99999cG08C

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=hbAIZFE9Tf2ihm4ODbNCPw&ep=S4PNcDHn_OfuF1P5nET4mjoVrmzxNjSrMsKYEzfyHr0qrr5epVNM6kpTjDR8JmZPBnGSttxmNvXIQmguk4Yed8AqkvNfUxVG65HZE0bKl0k

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DBFYFA5D9J1C7F3SFFHR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=889dny99999cG08C
Date: Tue, 31 Aug 2021 13:21:51 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: e1b1
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=164851003895000228453&ex=neustar.biz

43 B
556 B

162ms
104ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=164851003895000228453&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EYDGK3NPF56TMCMRXGCD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:50 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=164851003895000228453&ex=neustar.biz
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7591941415
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7591941415
https://sync.1rx.io/usersync/tradedesk/58725a25-6d1b-4f33-8b9e-517b3fd30a31
https://sync.targeting.unrulymedia.com/csync/RX-5405c72b-af2f-41ee-8dd5-8b1826f8009e-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-5405c72b-af2f-41ee-8dd5-8b1826f8009e-003%26ex%3Dr...
https://s.amazon-adsystem.com/ecm3?id=RX-5405c72b-af2f-41ee-8dd5-8b1826f8009e-003&ex=rhythmone.com

43 B
556 B

104ms
104ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=RX-5405c72b-af2f-41ee-8dd5-8b1826f8009e-003&ex=rhythmone.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:54 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: C4Q9H4G0SSCF1Z1J1BQR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=RX-5405c72b-af2f-41ee-8dd5-8b1826f8009e-003&ex=rhythmone.com
date: Tue, 31 Aug 2021 13:21:54 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX5405c72baf2f41ee8dd58b1826f8009e003
content-type: text/html

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=d31e3d462c52f7f68c001d348fb6ee00

43 B
556 B

248ms
104ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=d31e3d462c52f7f68c001d348fb6ee00

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AAH048QFY5481TDR05E7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=d31e3d462c52f7f68c001d348fb6ee00
date: Tue, 31 Aug 2021 13:21:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=e0kewy99999cG08C

43 B
556 B

277ms
107ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=e0kewy99999cG08C

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N04S081TY3D6TTPYV01G
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=e0kewy99999cG08C
Date: Tue, 31 Aug 2021 13:21:51 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 44e
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP66d10350-0a5e-11ec-8b63-02dacf6e1626
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP66d10350-0a5e-11ec-8b63-02dacf6e1626&verify=true
https://s.amazon-adsystem.com/ecm3?id=b10c543ea12077f6056c49af3c247fbf460fb927&ex=aoldisplay.com

43 B
556 B

107ms
106ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=b10c543ea12077f6056c49af3c247fbf460fb927&ex=aoldisplay.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N8MGNNACXV3Y2TC82XKJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 31 Aug 2021 13:21:53 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?id=b10c543ea12077f6056c49af3c247fbf460fb927&ex=aoldisplay.com
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=50813806-02ff-494a-b41c-df781a67c1cd

43 B
556 B

286ms
110ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=50813806-02ff-494a-b41c-df781a67c1cd

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FSATDYPF64HZDFGDMXMH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Tue, 31 Aug 2021 13:21:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=50813806-02ff-494a-b41c-df781a67c1cd

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 24E6 43 B
183 B 291ms
94ms Image
image/gif 2600:1f18:612b:4216:6562:d53b:a2e7:750a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=hbAIZFE9Tf2ihm4ODbNCPw&ep=S4PNcDHn_OfuF1P5nET4mjoVrmzxNjSrMsKYEzfyHr0qrr5epVNM6kpTjDR8JmZPBnGSttxmNvXIQmguk4Yed8AqkvNfUxVG65HZE0bKl0k
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:6562:d53b:a2e7:750a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 24E6 0
0 109ms
33ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=hbAIZFE9Tf2ihm4ODbNCPw&ep=S4PNcDHn_OfuF1P5nET4mjoVrmzxNjSrMsKYEzfyHr0qrr5epVNM6kpTjDR8JmZPBnGSttxmNvXIQmguk4Yed8AqkvNfUxVG65HZE0bKl0k
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 /
spl.zeotap.com/ Frame 24E6 731 B
731 B 62ms
34ms Image
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1353&env=mWeb&eventType=pageview&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%24_ZTP_UUID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=hbAIZFE9Tf2ihm4ODbNCPw&ep=S4PNcDHn_OfuF1P5nET4mjoVrmzxNjSrMsKYEzfyHr0qrr5epVNM6kpTjDR8JmZPBnGSttxmNvXIQmguk4Yed8AqkvNfUxVG65HZE0bKl0k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 687690758ea9177a-FRA
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=82d3956bbe4aecebcfc9c162dd9d463&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

235ms
107ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=82d3956bbe4aecebcfc9c162dd9d463&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XNDJSSNVMKBHJWE8KHP1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=82d3956bbe4aecebcfc9c162dd9d463&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1630416110952053-539
Expires: Tue, 31 Aug 2021 13:21:51 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

104ms
103ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:58 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 36E5DZ1JEJ3BP4A41K55
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 31 Aug 2021 13:21:58 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
content-security-policy-report-only: default-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com; script-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=BFA9DH56JC8HWD9H66M9:sn=www.imdb.com
x-cache: Miss from cloudfront
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: BFA9DH56JC8HWD9H66M9
strict-transport-security: max-age=47474747; includeSubDomains; preload
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy: interest-cohort=()
x-amz-cf-id: 1u3Vamiz-UuRdhYaQNqR9K4jTLQU1bmWod8MctgXRLdW4-qaWEoSzQ==

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 24E6 0
263 B 740ms
103ms Image
text/plain 3.208.250.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=hbAIZFE9Tf2ihm4ODbNCPw&ep=S4PNcDHn_OfuF1P5nET4mjoVrmzxNjSrMsKYEzfyHr0qrr5epVNM6kpTjDR8JmZPBnGSttxmNvXIQmguk4Yed8AqkvNfUxVG65HZE0bKl0k
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.250.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-250-137.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Server: nginx/1.16.1
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e14518125f2e269f

43 B
556 B

144ms
105ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e14518125f2e269f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JS20MD0FKRF4CNFD68TY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e14518125f2e269f
date: Tue, 31 Aug 2021 13:21:51 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 93
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=AZlsCw1VRLeD37XBfocwlQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=63155242177322213284326113704636582218

43 B
556 B

105ms
105ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=63155242177322213284326113704636582218

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FN6T3JXEZZY7S08QHNAB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v015-0f38eef05.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: IUFsgU8WSBA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=63155242177322213284326113704636582218
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=yskDbpWnQdmv4cbzwwoLQA
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10813213075246993409&gdpr=&gdpr_consent=

43 B
556 B

109ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10813213075246993409&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: H5X8E42B9958XR90XCXP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10813213075246993409&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 24E6 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6377616941427298700

43 B
556 B

147ms
103ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6377616941427298700

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TCR7CKAGE72G5BA1FZQ3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6377616941427298700
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=6744d9dd-0a5e-11ec-b9d0-12e2ec150406
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=6744d9a6-0a5e-11ec-b9d0-12e2ec150406

43 B
556 B

107ms
102ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=6744d9a6-0a5e-11ec-b9d0-12e2ec150406

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FA8QJJZXEB2VKBS7Y5SM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 31 Aug 2021 13:21:51 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=6744d9a6-0a5e-11ec-b9d0-12e2ec150406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 82
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

acs
lm.serving-sys.com/lm/ Frame 24E6
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2246b0c50a-1bfa-4f3e-a935-74fc656a12f3%22,%22Time%22:%2220210831T092151.760728%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]

0
159 B

454ms
99ms

Image
text/plain

35.170.144.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2246b0c50a-1bfa-4f3e-a935-74fc656a12f3%22,%22Time%22:%2220210831T092151.760728%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=hbAIZFE9Tf2ihm4ODbNCPw&ep=S4PNcDHn_OfuF1P5nET4mjoVrmzxNjSrMsKYEzfyHr0qrr5epVNM6kpTjDR8JmZPBnGSttxmNvXIQmguk4Yed8AqkvNfUxVG65HZE0bKl0k
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.144.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-144-83.compute-1.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
location: https://lm.serving-sys.com/lm/acs?json={"GUID":"46b0c50a-1bfa-4f3e-a935-74fc656a12f3","Time":"20210831T092151.760728"}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
cache-control: private
content-type: text/html; charset=UTF-8
content-length: 365
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEDp0xciLH_FAh-6Y88bXNhs&google_cver=1

43 B
556 B

105ms
105ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEDp0xciLH_FAh-6Y88bXNhs&google_cver=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XFMKVY7ZHGBV5JJ5DR44
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEDp0xciLH_FAh-6Y88bXNhs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 24E6
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amzn
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

0
337 B

345ms
30ms

Image
text/plain

54.74.18.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=hbAIZFE9Tf2ihm4ODbNCPw&ep=S4PNcDHn_OfuF1P5nET4mjoVrmzxNjSrMsKYEzfyHr0qrr5epVNM6kpTjDR8JmZPBnGSttxmNvXIQmguk4Yed8AqkvNfUxVG65HZE0bKl0k
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.18.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-18-91.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1630416112
x-served-by: beacon-n006-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
date: Tue, 31 Aug 2021 13:21:52 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a008-ash-prod.krxd.net

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f8b0dc429942a1eba2d336c67b014411

43 B
556 B

108ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f8b0dc429942a1eba2d336c67b014411

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 30VAGKN0KBD6RM8WXNMD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 31 Aug 2021 13:21:53 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f8b0dc429942a1eba2d336c67b014411
content-length: 108
x-amz-cf-id: WtsS5uWnDJ28DLGjUScOgTpBvsyRRb4906YOZ8Xj2iBKzOU7gBLvew==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=65cdd089-8bee-ca86-0e21-ee27823332d8

43 B
556 B

101ms
100ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=65cdd089-8bee-ca86-0e21-ee27823332d8

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GWVBWCGFWERBRZ725G6N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 31 Aug 2021 13:21:52 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=65cdd089-8bee-ca86-0e21-ee27823332d8
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1
https://s.amazon-adsystem.com/ecm3?ex=index&id=KHwbw_40RVThOrWFkndmPjc4dPg4ZgAC

43 B
556 B

104ms
104ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KHwbw_40RVThOrWFkndmPjc4dPg4ZgAC

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:55 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WRTBDH1BT2H2WVE1D61C
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KHwbw_40RVThOrWFkndmPjc4dPg4ZgAC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 267
Expires: Tue, 31 Aug 2021 13:21:55 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C8114215E3F50052

43 B
556 B

106ms
106ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C8114215E3F50052

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 04N43T6ANM2B92KANBR9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
frontend-id: 12
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C8114215E3F50052
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=8933008340622098064&ex=appnexus.com

43 B
556 B

105ms
105ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8933008340622098064&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:54 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WYFMDERD24M0ADNWVFXB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:54 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1f3a5dc0-3f65-4cc9-82e9-ea1b48240c28
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=8933008340622098064&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=Ne67rCUmAQq4KW8AJALfEA&ex=rubiconproject.com&status=ok

43 B
556 B

109ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=Ne67rCUmAQq4KW8AJALfEA&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NACYVR98VEXNCGYMNQ7Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=Ne67rCUmAQq4KW8AJALfEA&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=hbAIZFE9Tf2ihm4ODbNCPw&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
556 B

102ms
102ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2DHMAVZ567MHAREE1EKC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-32da5e7b-c2d0-4044-8d84-53bb5fef7105&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-32da5e7b-c2d0-4044-8d84-53bb5fef7105&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.co...
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-32da5e7b-c2d0-4044-8d84-53bb5fef7105

43 B
556 B

106ms
105ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-32da5e7b-c2d0-4044-8d84-53bb5fef7105

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: S3W1HT61QVB87HSQNDD0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-32da5e7b-c2d0-4044-8d84-53bb5fef7105
date: Tue, 31 Aug 2021 13:21:52 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 /
loadus.exelator.com/load/ Frame 24E6 0
324 B 48ms
15ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=hbAIZFE9Tf2ihm4ODbNCPw&ep=S4PNcDHn_OfuF1P5nET4mjoVrmzxNjSrMsKYEzfyHr0qrr5epVNM6kpTjDR8JmZPBnGSttxmNvXIQmguk4Yed8AqkvNfUxVG65HZE0bKl0k
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AC8F4F2DF02C2E61444A1CAF0277E3C8

43 B
556 B

109ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AC8F4F2DF02C2E61444A1CAF0277E3C8

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SG6TY2WQEMJ72WHG6SF5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 31 Aug 2021 13:21:52 GMT
Server: openresty/1.15.8.2
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AC8F4F2DF02C2E61444A1CAF0277E3C8
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Tue, 31 Aug 2021 13:21:51 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-NNgcdSh1l2OKoYk33f0ep1uGC6nFqHc-

43 B
556 B

107ms
107ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-NNgcdSh1l2OKoYk33f0ep1uGC6nFqHc-

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N496CAJB5V13ZTMYFN5P
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 31 Aug 2021 13:21:53 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-NNgcdSh1l2OKoYk33f0ep1uGC6nFqHc-
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=27360508ca403e23b4bb82180d76a669da95a0dee75b154be17f87c82d61b75f

43 B
556 B

108ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=27360508ca403e23b4bb82180d76a669da95a0dee75b154be17f87c82d61b75f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VZSKJ4H24TZSQQTHJY33
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:53 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=27360508ca403e23b4bb82180d76a669da95a0dee75b154be17f87c82d61b75f
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=EAFE1233-8247-4B4C-AA63-9A379E6FBBA7

43 B
556 B

106ms
106ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=EAFE1233-8247-4B4C-AA63-9A379E6FBBA7

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AM26W3HMZ3FQBKJTE5XC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=EAFE1233-8247-4B4C-AA63-9A379E6FBBA7
date: Tue, 31 Aug 2021 13:21:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1630090234400%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=PndNmy99999jG08C

43 B
556 B

105ms
105ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=PndNmy99999jG08C

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 099H03SM0EE37777255S
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=PndNmy99999jG08C
Date: Tue, 31 Aug 2021 13:21:53 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 61fb
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24E6
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c2adc6fb-8485-43ca-a411-046d36543b88-tuct827b271

43 B
556 B

108ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c2adc6fb-8485-43ca-a411-046d36543b88-tuct827b271

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XPGFE8R4P49CZ3TM3Q81
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c2adc6fb-8485-43ca-a411-046d36543b88-tuct827b271
date: Tue, 31 Aug 2021 13:21:53 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14153

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=490712841102742&ev=PageView&dl=https%3A%2F%2Fwww.sandssurprise.com%2F&rl=&if=false&ts=1630416110949&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630416110691.292569011&it=1630416110372&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 31 Aug 2021 13:21:50 GMT

GET
H2 200 RC623b908d34864ec4afe7852f9906e611-source.min.js Show response
assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/ 647 B
698 B 9ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/RC623b908d34864ec4afe7852f9906e611-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 161e00efbaad513d5052b7da4da60f2494e2dd85d0a9435153ce3a8e8744a290

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 23:34:56 GMT
server: AkamaiNetStorage
etag: "333980060412e9d4ecc81efeb0f17a4f:1628206496.558315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.sandssurprise.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 429
expires: Tue, 31 Aug 2021 14:21:50 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/ 25 KB
9 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f8e5a1dc315af48015053b6cc6f372181f8a0d09f6a8b59c00a9c93faf2d36db

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:50 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 22:19:26 GMT
server: AkamaiNetStorage
etag: "8a76ed94897ca973fc6dce12bc3991d6:1568067566.567347"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.sandssurprise.com
x-check-cacheable: YES
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8771
expires: Tue, 31 Aug 2021 14:21:50 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 366 KB
62 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNTMHJ3

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd393e72537ab250b67f90dd14a5ac765e5906835722883b15a2d729ea9027f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63065
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:51 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/sandssurprise.com/ 135 B
322 B 295ms
97ms Fetch
application/json 206.189.187.108
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/sandssurprise.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/assets/js/acsb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.187.108 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn103.acsbapp.com
Software: /
Resource Hash: 81a04a14625e1b4672447f98f61ae3addebd02775892619555989462acab6970

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
last-modified: Tue, 31 Aug 2021 00:58:18 GMT
etag: "87-612d7eaa-44052b189277be71;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 135
expires: Wed, 01 Sep 2021 13:21:51 GMT

GET
H2 200 co Show response
api.speedshiftmedia.com/public/gfu/v2/ 94 B
737 B 40ms
39ms Script
text/javascript 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.speedshiftmedia.com/public/gfu/v2/co?callback=window.SSMGF.u.fn.cb_co&o=s&v1=Z3VpZDo6NjEyZTJjZWVjOWRkZWQ1ZjNiMDAwMjljfHx8c291cmNlOjpnZnU=&v2=eyJ2ZXJzaW9uIjoyLCJndWlkIjoiNjEyZTJjZWVjOWRkZWQ1ZjNiMDAwMjljIiwic2lkIjoiUzIwMjEwODMxMTMyMTgzNHFzNnluSzBEeUVERCIsImxhc3Rfc2VlbiI6MTYzMDQxNjExMX0=
Requested by: Host: services.cdn.speedshiftmedia.com
URL: https://services.cdn.speedshiftmedia.com/gf/core.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 76ed7d66e600ad772932b2893edeb415404b42a3623c0f62341972eead1a8781

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
via: 1.1 59d5785a1d012a54118141e7e216a493.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P2
vary: *
x-cache: LambdaGeneratedResponse from cloudfront
content-type: text/javascript; charset=utf8
access-control-allow-origin: *
content-length: 94
x-amz-cf-id: ST6PwBgm3_pWgG1zQ2medNnFYgFWLprcSWrZA2hUfN0lNSL1u5p5jw==

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 92 KB
35 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX9GQ8R

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

949b5261ee4dfc79ef78ea4326513d9a57612d10eece2f8047dd1c1c69b489fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36302
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:51 GMT

GET
H2 200 dt.gif
dt.admission.net/ 43 B
454 B 171ms
164ms Image
image/gif 52.8.197.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.admission.net/dt.gif?sync=1&dtuid=1630416110620755900
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.197.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-197-246.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
x-autoscale-group: dt-prod-ca-asg
last-modified: Tue, 31 Aug 2021 13:21:51 GMT
server: Display Tracker 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2 200 activity;src=1139716;dcnet=3880;boom=40149;sz=1x1;ord=907054465
ad.doubleclick.net/ 42 B
783 B 61ms
33ms Image
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;src=1139716;dcnet=3880;boom=40149;sz=1x1;ord=907054465?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
bid.g.doubleclick.net/xbbe/invitepixel/
Redirect Chain

https://segment-pixel.invitemedia.com/pixel?pixelID=67458&partnerID=198&key=segment
https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

43 B
490 B

1083ms
20ms

Image
image/gif

74.125.206.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f156.1e100.net

Software

cafe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43
x-xss-protection: 0

Redirect headers

date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://s.tribalfusion.com/i.cid?c=663573&d=30&page=landingPage
https://s.tribalfusion.com/z/i.cid?c=663573&d=30&page=landingPage
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://a.tribalfusion.com/i.match?p=b26&u=8933008340622098064&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://s.tribalfusion.com/z/i.match?p=b26&u=8933008340622098064&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/setuid?entity=305&code=18072662191331382621

43 B
994 B

19ms
19ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=18072662191331382621

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:55 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 301a3897-cf15-4b81-9945-1d3bc7f6f5b3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:55 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 44
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6876908ed95c4de2-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://ib.adnxs.com/setuid?entity=305&code=18072662191331382621
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
964 B 1152ms
1086ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10061121&ec=chevyin

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:52 GMT
X-Content-Type-Options: nosniff
Age: 1
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Tue, 31 Aug 2021 13:21:52 GMT

GET
H/1.1

200
OK

pixel
ad.ipredictive.com/d/rt/
Redirect Chain

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26220;ts=907054465
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1630416112

631 B
1 KB

1419ms
99ms

Image
image/jpeg

3.227.92.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1630416112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.92.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-92-182.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:53 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 631
X-CI-RTID: 68bfb376-0a5e-11ec-a83a-f55263150924
Content-Type: image/jpeg

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
via: 1.1 google
server: 441c888ef13a4a9910313f7562f49f87db25497a8b79daf540ab15052ce5a0d0
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, TRACE, OPTIONS
p3p: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
location: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1630416112
cache-control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-headers: Content-Type
content-type: text/html;charset=ISO-8859-1
alt-svc: clear
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 10ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.ChevyInNew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 12ms
11ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.Chevy+In+Q217

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel.gif
login.dotomi.com/
Redirect Chain

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-sands-chev&cdk_id=1630416110620755900
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3035%26dtm_cmagic%3D03bfc1%26dt...
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-sands-chev&cdk_id=163041611...
https://login.dotomi.com/pixel.gif

43 B
129 B

22ms
22ms

Image
image/gif

64.158.223.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.dotomi.com/pixel.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-usadmm.dotomi.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://login.dotomi.com/pixel.gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 301ms
124ms Image
image/gif 209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Ddf4de44b-17de-975d-411b-e5e14064606f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.chevrolet.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3DDF4DE44B-17DE-975D-411B-E5E14064606F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W699FC9ZB640HH51KEGS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p-ZXDzrsfZtpwXm.gif
pixel.quantserve.com/pixel/ 35 B
375 B 9ms
9ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-ZXDzrsfZtpwXm.gif?labels=_fp.event.Chevy+In

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

correlate
dt.cobaltgroup.com/cookiejar/1.0/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=313172&dpuuid=1630416110620755900&redir=https%3A%2F%2Fdt.cobaltgroup.com%2Fcookiejar%2F1.0%2Fcorrelate%3Fformat%3Dgif%26logonly%3D1%26uidindex%3Daam%26uid%3D$%7BDD_U...
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=63155242177322213284326113704636582218

43 B
555 B

167ms
167ms

Image
image/gif

52.8.197.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=63155242177322213284326113704636582218
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.197.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-197-246.us-west-1.compute.amazonaws.com
Software: CJ Service 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Tue, 31 Aug 2021 13:21:51 GMT
server: CJ Service 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v015-0daa04ce6.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: useivWd/QJA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=63155242177322213284326113704636582218
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ 0
239 B 4729ms
23ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=580120&nid=5494&put=1630416110620755900
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H3-29

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=540213371&val=1630416110620755900
https://us-u.openx.net/w/1.0/sd?cc=1&id=540213371&val=1630416110620755900

43 B
61 B

26ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=540213371&val=1630416110620755900
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=540213371&val=1630416110620755900
date: Tue, 31 Aug 2021 13:21:52 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

correlate
dt.admission.net/cookiejar/1.0/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cobalt_group_adp&google_hm=MTYzMDQxNjExMDYyMDc1NTkwMA
https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=

43 B
451 B

165ms
165ms

Image
image/gif

52.8.197.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.197.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-197-246.us-west-1.compute.amazonaws.com
Software: CJ Service 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Tue, 31 Aug 2021 13:21:52 GMT
server: CJ Service 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
gm.demdex.net/ Frame CCB5 7 KB
3 KB 3399ms
31ms Document
text/html 34.248.86.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gm.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.86.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-86-185.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: gm.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sandssurprise.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=63155242177322213284326113704636582218
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sandssurprise.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 31 Aug 2021 13:21:54 GMT
DCS: dcs-prod-irl1-1-v015-0c67acd41.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 26 Aug 2021 10:18:42 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: m4Ph34xlQn8=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YS4s7wAAAJPO_wQp
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=63155242177322213284326113704636582218
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YS4s7wAAAJPO_wQp

42 B
945 B

37ms
37ms

Image
image/gif

52.30.146.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YS4s7wAAAJPO_wQp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.146.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-146-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v015-052ec9957.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Ak5a5jhSSW0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YS4s7wAAAJPO_wQp
Date: Tue, 31 Aug 2021 13:21:51 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3-29

200

activityi;dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F... Show response
9317774.fls.doubleclick.net/ Frame FF2A
Redirect Chain

https://9317774.fls.doubleclick.net/activityi;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%...
https://9317774.fls.doubleclick.net/activityi;dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053...

2 KB
901 B

40ms
24ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9317774.fls.doubleclick.net/activityi;dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u1=www.sandssurprise.com;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNTMHJ3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

e7e29ed58fd2265f7ca6db7e1e4070fb1922788d520af458da24684915d19f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9317774.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u1=www.sandssurprise.com;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sandssurprise.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUltgnWW0WFNFDoMWiLntrpfF0dERjTm3SNFg8Qg7kpVgroRjDPKQIwEMG3Oj3s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Aug 2021 13:21:51 GMT
expires: Tue, 31 Aug 2021 13:21:51 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 878
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Aug 2021 13:21:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9317774.fls.doubleclick.net/activityi;dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u1=www.sandssurprise.com;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

activityi;dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2F... Show response
9399534.fls.doubleclick.net/ Frame C193
Redirect Chain

https://9399534.fls.doubleclick.net/activityi;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%...
https://9399534.fls.doubleclick.net/activityi;dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2...

2 KB
866 B

39ms
24ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9399534.fls.doubleclick.net/activityi;dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u10=256053;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNTMHJ3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

93129747c97acf49989a5bc6491a96e4b8a3f05c4351ae75ca02eeaf120deda1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9399534.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u10=256053;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sandssurprise.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUltgnWW0WFNFDoMWiLntrpfF0dERjTm3SNFg8Qg7kpVgroRjDPKQIwEMG3Oj3s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Aug 2021 13:21:51 GMT
expires: Tue, 31 Aug 2021 13:21:51 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Aug 2021 13:21:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9399534.fls.doubleclick.net/activityi;dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u10=256053;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H/1.1 204
No Content 256053
api.mrg.agency/api/creativePixel/facebook/ Frame 0
0 8008ms
122ms Preflight 13.65.210.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mrg.agency/api/creativePixel/facebook/256053

Protocol

HTTP/1.1

Server

13.65.210.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.sandssurprise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Microsoft-IIS/10.0
Request-Context: appId=cid-v1:dc6d1085-8355-4219-9507-f15a28d56a35
Strict-Transport-Security: max-age=2592000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: x-api-key
Access-Control-Allow-Methods: GET
X-Powered-By: ASP.NET
Date: Tue, 31 Aug 2021 13:21:58 GMT

OPTIONS
H/1.1 204
No Content 256053
api.mrg.agency/api/creativePixel/google/ Frame 0
0 8010ms
124ms Preflight 13.65.210.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mrg.agency/api/creativePixel/google/256053

Protocol

HTTP/1.1

Server

13.65.210.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.sandssurprise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Microsoft-IIS/10.0
Request-Context: appId=cid-v1:dc6d1085-8355-4219-9507-f15a28d56a35
Strict-Transport-Security: max-age=2592000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: x-api-key
Access-Control-Allow-Methods: GET
X-Powered-By: ASP.NET
Date: Tue, 31 Aug 2021 13:21:58 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 366ms
21ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNTMHJ3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 05:29:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 28346
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: _Eif62xqaSUOnJqz1xmjaP2mIKb2r6va2SdFVC_GI6ravIp8X9ElhA==

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1292049&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1292049%26t%3D1

0
1005 B

20ms
20ms

Script
application/javascript

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1292049%26t%3D1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: faab9573-760b-4dfe-8a48-a3d1dbad305c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 88cc12ee-40dc-4617-9730-34f4c9efbac6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1292049%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-undefined&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10793379-2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e3a13ab242ef1164ac74ef88ee501218cc2244bef7d351bd5d3b23c7bd23f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39244
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Aug 2021 13:21:51 GMT

GET
H/1.1 200
OK 256053 Show response
api.mrg.agency/api/creativePixel/facebook/ 264 B
984 B 125ms
125ms XHR
text/plain 13.65.210.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mrg.agency/api/creativePixel/facebook/256053

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.65.210.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0cb298d1e256055ad78800456488e9e871331f8c31234b07a2cc151f11de98bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Api-Key: f60e50d512a04e3b93bd7367387b69cd

Response headers

Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Api-Key
Transfer-Encoding: chunked
Date: Tue, 31 Aug 2021 13:21:58 GMT
Request-Context: appId=cid-v1:dc6d1085-8355-4219-9507-f15a28d56a35

GET
H/1.1 200
OK 256053 Show response
api.mrg.agency/api/creativePixel/google/ 256 B
977 B 127ms
127ms XHR
text/plain 13.65.210.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mrg.agency/api/creativePixel/google/256053

Requested by

Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.65.210.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

91092876a5a7a6625eaff0579006208afbe10b9178c664726e613557f090ecd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Api-Key: f60e50d512a04e3b93bd7367387b69cd

Response headers

Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Api-Key
Transfer-Encoding: chunked
Date: Tue, 31 Aug 2021 13:21:58 GMT
Request-Context: appId=cid-v1:dc6d1085-8355-4219-9507-f15a28d56a35

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 8ms
7ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 07 Sep 2021 13:21:51 GMT

GET
H2 200 rules-p-2XLn5BMqXtxy7.js Show response
rules.quantcount.com/ 741 B
1 KB 7ms
7ms Script
application/javascript 2600:9000:223c:e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-2XLn5BMqXtxy7.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-d-vRjvTMWyhsd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 615f8227f700d8ec8b094cfb18dbe36305d69201a1a962fc7cefc8d389ae96ec

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 12:47:03 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
age: 2181
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 741
last-modified: Mon, 20 May 2019 16:34:29 GMT
server: AmazonS3
etag: "2bc98a10b4d1827a0e8c618e5584ceee"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: hqH96EgU1Vz57-gIhgvaOFiPAaIG8mOxQiS8MHGrMiX2ZHbwalbHOw==

GET
H3-29 200 activityi;register_conversion=1;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sands...
9317774.fls.doubleclick.net/ 0
0 16ms
15ms Image
text/html 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9317774.fls.doubleclick.net/activityi;register_conversion=1;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u1=www.sandssurprise.com;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
260 B 336ms
29ms Image
image/gif 52.50.64.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=xh5jqn1&ct=0:pv6rznw&fmt=3&td1=256053&gtmcb=1004481170
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.64.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-64-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 activityi;register_conversion=1;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssur...
9399534.fls.doubleclick.net/ 0
0 16ms
15ms Image
text/html 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9399534.fls.doubleclick.net/activityi;register_conversion=1;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u10=256053;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2

200

src=10687887;dc_pre=CMuRkqmt2_ICFXdEwgodQicBUg;type=lmagm0;cat=rt-al0;u1=Chevrolet;u2=256053;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=10687887;type=lmagm0;cat=rt-al0;u1=Chevrolet;u2=256053;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_cons...
https://ad.doubleclick.net/ddm/activity/src=10687887;dc_pre=CMuRkqmt2_ICFXdEwgodQicBUg;type=lmagm0;cat=rt-al0;u1=Chevrolet;u2=256053;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CMuRkqmt2_ICFXdEwgodQicBUg;type=lmagm0;cat=rt-al0;u1=Chevrolet;u2=256053;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...

42 B
107 B

42ms
42ms

Image
image/gif

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CMuRkqmt2_ICFXdEwgodQicBUg;type=lmagm0;cat=rt-al0;u1=Chevrolet;u2=256053;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=977003288?gtmcb=1216858823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CMuRkqmt2_ICFXdEwgodQicBUg;type=lmagm0;cat=rt-al0;u1=Chevrolet;u2=256053;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=977003288?gtmcb=1216858823
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1021 B 35ms
33ms Image
image/gif 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=22758161&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:51 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ea31c0b9-ae62-4029-9859-9256805707d4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel;r=1520553161;rf=3;a=p-2XLn5BMqXtxy7;url=https%3A%2F%2Fwww.sandssurprise.com%2F;uht=2;fpan=0;fpa=P0-390560680-1630416110872;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;re...
pixel.quantserve.com/ 35 B
370 B 17ms
14ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1520553161;rf=3;a=p-2XLn5BMqXtxy7;url=https%3A%2F%2Fwww.sandssurprise.com%2F;uht=2;fpan=0;fpa=P0-390560680-1630416110872;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=sandssurprise.com;je=0;sr=1600x1200x24;dst=1;et=1630416111155;tzo=-120;ogl=title.Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%252C%20Avondale%20%26%20Pho%2Ctype.Website%2Cdescription.Sands%20Chevrolet%20-%20Surprise%20is%20proud%20to%20be%20your%20Arizona%20Chevy%20dealership%20serving%20%2Curl.https%3A%2F%2Fwww%252Esandssurprise%252Ecom%2F%3Fcs%3Ae%3Dm%26cs%3Aq%3DSands%2520Chevy%2520Avondale%26cs%3Am%3Db%26cs%3Aci

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 s44944679779271 Show response
generalmotorscorporation.sc.omtrdc.net/b/ss/genmotcorgmust2t3dealersites,gmgeneralmotorsglobal/10/JS-2.17.0-LBSQ/ 4 KB
5 KB 1117ms
62ms Script
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://generalmotorscorporation.sc.omtrdc.net/b/ss/genmotcorgmust2t3dealersites,gmgeneralmotorsglobal/10/JS-2.17.0-LBSQ/s44944679779271?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=31%2F7%2F2021%2015%3A21%3A51%202%20-120&d.&nsid=0&jsonv=1&.d&mid=63363784353573430304342341075041861100&aamlh=6&ce=UTF-8&pageName=ch%3Ana%3Aus%3Aen%3At3%3Ahomepage&g=https%3A%2F%2Fwww.sandssurprise.com%2F&cc=USD&ch=homepage&server=www.sandssurprise.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=homepage%2Cundefined%2Cundefined%2Cundefined&v4=en&v8=sands%20chevrolet%20-%20surprise&v9=9%3A00AM&v10=Tuesday&c11=undefined&v11=Weekday&c12=undefined&v12=New&c13=undefined&c14=homepage&c16=gmna&c17=tier3&v17=tier3&c18=chevrolet&v18=chevrolet&c19=256053&c21=ch%3Ana%3Aus%3Aen%3At3%3Ahomepage&c22=2.17.0&c23=en&v31=us&v32=gmna&v37=ch%3Ana%3Aus%3Aen%3At3%3Ahomepage&c41=ch%3Ana%3Aus%3Aen%3At3%3Ahomepage&v55=New&c60=homepage&c61=homepage&c67=https%3A%2F%2Fwww.sandssurprise.com%2F&c69=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&c71=large&c74=1600x1200&c75=landscape&v76=homepage&v77=homepage&v83=https%3A%2F%2Fwww.sandssurprise.com%2F&v85=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&v96=large&v97=1600x1200&v98=landscape&v109=gmps-sands-chev&v120=cdk&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=757A02BE532B22BA0A490D4C%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

e9da57b3c9e762104430469257e79b2f875be1b9d7c75876aba5c6fc4f578e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-aam-tid: DwMs5r1zSpY=
date: Tue, 31 Aug 2021 13:21:52 GMT
x-content-type-options: nosniff
x-c: main-1506.I6462f6.M0-512
p3p: CP="This is not a P3P policy"
content-length: 4337
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v015-0b4dd7f9c.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Wed, 01 Sep 2021 13:21:52 GMT
server: jag
xserver: anedge-f47784dbf-5pj7l
etag: 3501291940774379520-4619794433678377060
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 30 Aug 2021 13:21:52 GMT

GET
H2 200 InviteTriggers Show response
api.iperceptions.com/ 241 B
305 B 50ms
50ms XHR
application/json 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99643bd78340e8d59e30132717cb5c837f8610e2b766c49b33385d4ed6235de0

Request headers

SecurityToken: af185a2d-67f3-475b-86c7-fb0b0148fac4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sandssurprise.com/

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:58 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 241
expires: -1

OPTIONS
H2 200 InviteTriggers
api.iperceptions.com/ Frame 0
0 7318ms
33ms Preflight 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Protocol: H2
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: securitytoken
Origin: https://www.sandssurprise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-allow-headers: securitytoken
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 31 Aug 2021 13:21:58 GMT
content-length: 0

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryLBjzyhwMIX3DSB0A

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 31 Aug 2021 13:21:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.sandssurprise.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 pixel;r=495381681;event=rule;labels=_fp.event.Homepage;rf=0;a=p-2XLn5BMqXtxy7;url=https%3A%2F%2Fwww.sandssurprise.com%2F;uht=2;fpan=0;fpa=P0-390560680-1630416110872;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=e...
pixel.quantserve.com/ 35 B
210 B 13ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=495381681;event=rule;labels=_fp.event.Homepage;rf=0;a=p-2XLn5BMqXtxy7;url=https%3A%2F%2Fwww.sandssurprise.com%2F;uht=2;fpan=0;fpa=P0-390560680-1630416110872;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=sandssurprise.com;je=0;sr=1600x1200x24;dst=1;et=1630416111206;tzo=-120;ogl=title.Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%252C%20Avondale%20%26%20Pho%2Ctype.Website%2Cdescription.Sands%20Chevrolet%20-%20Surprise%20is%20proud%20to%20be%20your%20Arizona%20Chevy%20dealership%20serving%20%2Curl.https%3A%2F%2Fwww%252Esandssurprise%252Ecom%2F%3Fcs%3Ae%3Dm%26cs%3Aq%3DSands%2520Chevy%2520Avondale%26cs%3Am%3Db%26cs%3Aci

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 37ms
20ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-undefined&l=dataLayer&cx=c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14053
x-xss-protection: 0
server: cafe
etag: 9441931574288766250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 13:21:51 GMT

GET
H3-29 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame FF2A 44 KB
17 KB 48ms
38ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9317774.fls.doubleclick.net
URL: https://9317774.fls.doubleclick.net/activityi;dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u1=www.sandssurprise.com;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7d2b5759bc299a346bb043f1ffcf1150720eceb68431806c55f712f5916620a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17377
x-xss-protection: 0
server: cafe
etag: 10352237446443052277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 13:21:51 GMT

GET
H2 200 dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=*;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u...
adservice.google.com/ddm/fls/z/ Frame FF2A 42 B
262 B 44ms
43ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=*;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u1=www.sandssurprise.com;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cn-client-z3-20210827000042.js.gz Show response
d29f71cuc8ityh.cloudfront.net/js2/ 255 KB
68 KB 1097ms
22ms Script
application/x-javascript 13.32.118.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29f71cuc8ityh.cloudfront.net/js2/cn-client-z3-20210827000042.js.gz
Requested by: Host: app.carnow.com
URL: https://app.carnow.com/dealers/carnow_plugin.js?key=gmps-sands-chev
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89ac60a2114b9864a68cdafca462262554112721fea46044d8955c24e98ecdd0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: gTP6Sd6MjDqyNKsYgkUr3F4FCZiFEE6r
Content-Encoding: gzip
ETag: "682b8fac87a15398d6bcdb2ca0b7da01"
Age: 67667
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 69237
Last-Modified: Fri, 27 Aug 2021 00:06:50 GMT
Server: AmazonS3
Date: Tue, 31 Aug 2021 06:11:41 GMT
Content-Type: application/x-javascript
Via: 1.1 ec1ac21acdbd36c971eca9d6b61d0745.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: _PeAA7vDMwLIhAxr5XqdvqNxX4ATSzSWZzgYUmaLwGpu277BfnMpjg==

GET
BLOB 200
OK b2711832-e807-4905-a1aa-2f5d2c17b245
https://www.sandssurprise.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandssurprise.com/b2711832-e807-4905-a1aa-2f5d2c17b245
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 9141

GET
BLOB 200
OK 86cd3f5a-5c5d-4fe7-a084-dc5730325e1e
https://www.sandssurprise.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandssurprise.com/86cd3f5a-5c5d-4fe7-a084-dc5730325e1e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 9141

GET
H3-29 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame C193 44 KB
17 KB 33ms
30ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9399534.fls.doubleclick.net
URL: https://9399534.fls.doubleclick.net/activityi;dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u10=256053;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7d2b5759bc299a346bb043f1ffcf1150720eceb68431806c55f712f5916620a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17377
x-xss-protection: 0
server: cafe
etag: 10352237446443052277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 13:21:51 GMT

GET
H2 200 dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=*;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;...
adservice.google.com/ddm/fls/z/ Frame C193 42 B
107 B 49ms
46ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=*;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u10=256053;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/ 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1630416111255&cv=9&fst=1630416111255&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sandssurprise.com%2F&tiba=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6397537629c9ceb8b5805c48903d45fe49d7e37ea264addaa0afb6b202d1717a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/609383104/ Frame FF2A 2 KB
1 KB 17ms
17ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/609383104/?random=1630416111717&cv=9&fst=1630416111717&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f75d8405eecab9e2011183280da1f264af19137659bc8d5e6d926af99a991962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/privacysandbox/conversion/609383104/ Frame FF2A 0
0 14ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/609383104/?random=1630416111717&cv=9&fst=1630416111717&num=1&fmt=3&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&async=1
Requested by: Host: 9317774.fls.doubleclick.net
URL: https://9317774.fls.doubleclick.net/activityi;dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u1=www.sandssurprise.com;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame FF2A 44 KB
17 KB 23ms
22ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7d2b5759bc299a346bb043f1ffcf1150720eceb68431806c55f712f5916620a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17377
x-xss-protection: 0
server: cafe
etag: 10352237446443052277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 13:21:51 GMT

GET
H/1.1

200
OK

snap-qgFnJ8MGhG9bQYsjK.js Show response
snap-plugins.s3.amazonaws.com/cached-plugins/production/
Redirect Chain

https://plugin.tradepending.com/v5/snap-qgFnJ8MGhG9bQYsjK.js
https://snap-plugins.s3.amazonaws.com/cached-plugins/production/snap-qgFnJ8MGhG9bQYsjK.js

151 KB
152 KB

1452ms
128ms

Script
application/javascript

52.216.113.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snap-plugins.s3.amazonaws.com/cached-plugins/production/snap-qgFnJ8MGhG9bQYsjK.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.113.11 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3830576688c934387874b8279e3d29cfd18eb4c2193e82d30504c8e0f4ca70a1

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:55 GMT
Last-Modified: Thu, 26 Aug 2021 14:23:42 GMT
Server: AmazonS3
x-amz-request-id: ETAEAMHBB2S3TGEQ
ETag: "5678993b09e603017e059ed8f21575c5"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 155127
x-amz-id-2: +2Aglvq9dUNteiTnycRbrCnvsvIppLm6XIRO0LOBHGDMPlV1GDrg1ImkHE96boqS+eEzTdcnVHE=

Redirect headers

Date: Tue, 31 Aug 2021 13:21:52 GMT
Via: 1.1 vegur
Server: Cowboy
Access-Control-Allow-Origin: *
X-Powered-By: Express
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8
Location: https://snap-plugins.s3.amazonaws.com/cached-plugins/production/snap-qgFnJ8MGhG9bQYsjK.js
Cache-Control: public, max-age=86400
Connection: keep-alive
Content-Length: 111

GET
H2

200

pageview.min.js Show response
pageview.activengage.com/js/
Redirect Chain

https://go.activengage.com/1.js
https://pageview.activengage.com/js/pageview.min.js

75 KB
21 KB

46ms
38ms

Script
application/javascript

2606:4700::6812:d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pageview.activengage.com/js/pageview.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55caba448a7376729835630a7294d01f2067d79ff6a6dcecb0b669b60146bed7

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Aug 2021 18:15:27 GMT
server: cloudflare
age: 5419
etag: W/"6125373f-12c44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
x-envoy-upstream-service-time: 1
cf-ray: 6876907cf9022b16-FRA
expires: Tue, 31 Aug 2021 13:43:05 GMT

Redirect headers

date: Tue, 31 Aug 2021 13:21:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pageview.activengage.com/js/pageview.min.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6876907cc88e2b16-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryDYUvwkzdHQktT4py

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 31 Aug 2021 13:21:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.sandssurprise.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
BLOB 200
OK 13faa7db-b688-49ee-bf10-24aacdefc98a
https://www.sandssurprise.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandssurprise.com/13faa7db-b688-49ee-bf10-24aacdefc98a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 9141

GET
BLOB 200
OK f9fd2326-9aa7-4d85-96fe-1f33cd64e6fc
https://www.sandssurprise.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandssurprise.com/f9fd2326-9aa7-4d85-96fe-1f33cd64e6fc
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 9141

GET
BLOB 200
OK 6b23852b-a4cd-4dd9-92ee-5b9fd271601d
https://www.sandssurprise.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandssurprise.com/6b23852b-a4cd-4dd9-92ee-5b9fd271601d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 9141

GET
BLOB 200
OK f02c58e9-4f73-49c7-a14e-ef4de50a232b
https://www.sandssurprise.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandssurprise.com/f02c58e9-4f73-49c7-a14e-ef4de50a232b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 9141

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/455407040/ Frame C193 2 KB
1 KB 18ms
17ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/455407040/?random=1630416111760&cv=9&fst=1630416111760&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

dacee2792ff941c22155009a87fc2714e42681bcd94e03da23e02d90ae91c7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/privacysandbox/conversion/455407040/ Frame C193 0
0 16ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/455407040/?random=1630416111760&cv=9&fst=1630416111760&num=1&fmt=3&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&async=1
Requested by: Host: 9399534.fls.doubleclick.net
URL: https://9399534.fls.doubleclick.net/activityi;dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u10=256053;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame C193 44 KB
17 KB 27ms
26ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7d2b5759bc299a346bb043f1ffcf1150720eceb68431806c55f712f5916620a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17377
x-xss-protection: 0
server: cafe
etag: 10352237446443052277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 13:21:51 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/undefined/ 42 B
74 B 27ms
26ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/undefined/?random=1630416111255&cv=9&fst=1630414800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sandssurprise.com%2F&tiba=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&async=1&fmt=3&is_vtc=1&random=1328032267&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/undefined/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/undefined/?random=1630416111255&cv=9&fst=1630414800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sandssurprise.com%2F&tiba=Sands%20Chevrolet%20-%20Surprise%20%7C%20Arizona%20Chevy%20Dealer%20Serving%20Peoria%2C%20Avondale%20%26%20Phoenix&async=1&fmt=3&is_vtc=1&random=1328032267&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 202 KB
20 KB 99ms
99ms Fetch
application/json 206.189.187.108
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/assets/js/acsb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.187.108 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn103.acsbapp.com
Software: /
Resource Hash: 93f696a682e48dd948ea67bb8e91a5ad2f8cd8127281ee2c808e062132741d14

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: br
last-modified: Sun, 29 Aug 2021 09:08:03 GMT
etag: "326c2-612b4e73-5543fe412394ece9;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 20144
expires: Wed, 01 Sep 2021 13:21:51 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/459928202/ Frame FF2A 2 KB
1 KB 22ms
21ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/459928202/?random=1630416111768&cv=9&fst=1630416111717&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8788869e13940313cd68534156d17f8fb40cca6d7efc531cc39089ef290654db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/privacysandbox/conversion/459928202/ Frame FF2A 0
0 16ms
16ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/459928202/?random=1630416111768&cv=9&fst=1630416111717&num=2&fmt=3&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&async=1
Requested by: Host: 9317774.fls.doubleclick.net
URL: https://9317774.fls.doubleclick.net/activityi;dc_pre=CICmjqmt2_ICFZF70wodmlYN6Q;src=9317774;type=sv;cat=chevy0;ord=F0C51826C1BD9385CC097807523A7959;gtm=2wg8p0;auiddc=334657921.1630416111;u10=256053;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u1=www.sandssurprise.com;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/609383104/ Frame FF2A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609383104/?random=894946932&cv=9&fst=1630416111717&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/609383104/?random=894946932&cv=9&fst=1630416111717&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/609383104/?random=894946932&cv=9&fst=1630416111717&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_...

42 B
64 B

23ms
22ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/609383104/?random=894946932&cv=9&fst=1630416111717&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYfbCLI_KgAe5taeABg&cid=CAQSKQCNIrLM-uFiCE6FeIJ-MDy1Ek-At1SJhIIU-G0frPQB-6SQPGPVk9Yq&random=1385231638&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/609383104/?random=894946932&cv=9&fst=1630416111717&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYfbCLI_KgAe5taeABg&cid=CAQSKQCNIrLM-uFiCE6FeIJ-MDy1Ek-At1SJhIIU-G0frPQB-6SQPGPVk9Yq&random=1385231638&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 7B22 397 B
829 B 301ms
29ms Document
text/html 52.50.64.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=pmijyo9&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&upid=evpjlkj&upv=1.1.0&td1=256053&td2=https://www.sandssurprise.com/&td3=www.sandssurprise.com
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.64.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-64-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 36e94427604f03321db6b23d1ae9503c64a0af0fa3bd86419f1e30e0c864777d

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=pmijyo9&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&upid=evpjlkj&upv=1.1.0&td1=256053&td2=https://www.sandssurprise.com/&td3=www.sandssurprise.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sandssurprise.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=58725a25-6d1b-4f33-8b9e-517b3fd30a31; TDCPM=CAEYBSABKAIyCwjM8J_joKP2ORAFOAE.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sandssurprise.com/

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
content-type: text/html; charset=utf-8
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=58725a25-6d1b-4f33-8b9e-517b3fd30a31; domain=.adsrvr.org; expires=Wed, 31-Aug-2022 13:21:52 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSgDMgsIpuin7KCj9jkQBTgBQgQiAggBWgdwbWlqeW85YAE.; domain=.adsrvr.org; expires=Wed, 31-Aug-2022 13:21:52 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/455407040/ Frame C193
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/455407040/?random=632489492&cv=9&fst=1630416111760&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/455407040/?random=632489492&cv=9&fst=1630416111760&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/455407040/?random=632489492&cv=9&fst=1630416111760&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_...

42 B
64 B

22ms
21ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/455407040/?random=632489492&cv=9&fst=1630416111760&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYf7zLpOBx_APq5uF6Ag&random=3121385820&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/455407040/?random=632489492&cv=9&fst=1630416111760&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYf7zLpOBx_APq5uF6Ag&random=3121385820&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 3790 0
182 B 267ms
28ms Document
text/html 52.50.64.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ebpumhx&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&upid=wqk15ah&upv=1.1.0&td1=256053&td2=https://www.sandssurprise.com/&td3=www.sandssurprise.com
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.64.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-64-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=ebpumhx&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&upid=wqk15ah&upv=1.1.0&td1=256053&td2=https://www.sandssurprise.com/&td3=www.sandssurprise.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sandssurprise.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sandssurprise.com/

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/589079120/ Frame C193 2 KB
1 KB 18ms
17ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/589079120/?random=1630416111817&cv=9&fst=1630416111760&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c64b2ccfb746efbba60020224db7d57ac9d091ec6615fb2163ae3764fbd477b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/privacysandbox/conversion/589079120/ Frame C193 0
0 16ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/589079120/?random=1630416111817&cv=9&fst=1630416111760&num=2&fmt=3&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&async=1
Requested by: Host: 9399534.fls.doubleclick.net
URL: https://9399534.fls.doubleclick.net/activityi;dc_pre=CLWfkqmt2_ICFWXAUQodQXQHLw;src=9399534;type=t3sv;cat=t3sit0;ord=1421974476898;gtm=2wg8p0;auiddc=334657921.1630416111;u1=www.sandssurprise.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.sandssurprise.com%2F;u5=;u6=1600;u7=F0C51826C1BD9385CC097807523A7959;u8=F0C51826C1BD9385CC097807523A7959;u9=Sands%20Chevrolet%20-%20Surprise;u10=256053;u11=SURPRISE;u12=AZ;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;ps=1;~oref=https%3A%2F%2Fwww.sandssurprise.com%2F?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/459928202/ Frame FF2A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/459928202/?random=266967086&cv=9&fst=1630416111717&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/459928202/?random=266967086&cv=9&fst=1630416111717&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/459928202/?random=266967086&cv=9&fst=1630416111717&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_...

42 B
64 B

23ms
23ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/459928202/?random=266967086&cv=9&fst=1630416111717&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYamuL9WggAfLk6v4CA&random=2913944969&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/459928202/?random=266967086&cv=9&fst=1630416111717&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICmjqmt2_ICFZF70wodmlYN6Q%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3DF0C51826C1BD9385CC097807523A7959%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu10%3D256053%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu1%3Dwww.sandssurprise.com%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bps%3D1&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYamuL9WggAfLk6v4CA&random=2913944969&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/589079120/ Frame C193
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/589079120/?random=324604234&cv=9&fst=1630416111760&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/589079120/?random=324604234&cv=9&fst=1630416111760&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/589079120/?random=324604234&cv=9&fst=1630416111760&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_...

42 B
64 B

21ms
21ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/589079120/?random=324604234&cv=9&fst=1630416111760&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYaWrMs2CgAe8mJOQCA&cid=CAQSKQCNIrLMF4OtJYbTXWFyMuEud9BNhEsb3GzsRq_1fKvCEx_AAi1QHZX9&random=225258433&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/589079120/?random=324604234&cv=9&fst=1630416111760&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLWfkqmt2_ICFWXAUQodQXQHLw%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D1421974476898%3Bgtm%3D2wg8p0%3Bauiddc%3D334657921.1630416111%3Bu1%3Dwww.sandssurprise.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.sandssurprise.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3DF0C51826C1BD9385CC097807523A7959%3Bu8%3DF0C51826C1BD9385CC097807523A7959%3Bu9%3DSands%2520Chevrolet%2520-%2520Surprise%3Bu10%3D256053%3Bu11%3DSURPRISE%3Bu12%3DAZ%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3Bps%3D1%3B~oref%3Dht&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7ywuYaWrMs2CgAe8mJOQCA&cid=CAQSKQCNIrLMF4OtJYbTXWFyMuEud9BNhEsb3GzsRq_1fKvCEx_AAi1QHZX9&random=225258433&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 7B22 487 B
963 B 22ms
21ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=pmijyo9&ref=https%3A%2F%2Fwww.sandssurprise.com%2F&upid=evpjlkj&upv=1.1.0&td1=256053&td2=https://www.sandssurprise.com/&td3=www.sandssurprise.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 12:11:40 GMT
Via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
Age: 4215
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-P2
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: OHX_hoQOrG78WboBH2A_C1_H0AghptDzp5G6WvtQf_j2Ymt0YeLTGA==

GET
H2 200 dt.js Show response
dt.cobaltgroup.com/ 22 KB
9 KB 178ms
178ms Script
text/javascript 52.8.197.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=F0C51826C1BD9385CC097807523A7959&webid=gmps-sands-chev&sitetype=dealer&eventId=eb939c80265f10068136080020f0176c&cs:ssi=F0C51826C1BD9385CC097807523A7959&_=1630416107855
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.197.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-197-246.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: 80cdb9f6085bbb40a9fd7dc0cc84aeddbe40061758a5d1d591fb135475f967ce

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
content-encoding: gzip
x-autoscale-group: dt-prod-ca-asg
last-modified: Tue, 31 Aug 2021 13:21:52 GMT
server: Display Tracker 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: text/javascript
content-length: 7403
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2 200 ckCookies.js Show response
dt.cobaltgroup.com/dt/ 17 B
170 B 165ms
165ms Script
text/javascript 52.8.197.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.cobaltgroup.com/dt/ckCookies.js?dtuid=1630416110620755900
Requested by: Host: dt.cobaltgroup.com
URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=F0C51826C1BD9385CC097807523A7959&webid=gmps-sands-chev&sitetype=dealer&eventId=eb939c80265f10068136080020f0176c&cs:ssi=F0C51826C1BD9385CC097807523A7959&_=1630416107854
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.197.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-197-246.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: 46787dd8637d6a3eb90accc10852bfbcec47e4509d0e8be42535e007d253c78b

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
content-encoding: gzip
x-autoscale-group: dt-prod-ca-asg
server: Display Tracker 2.0
content-length: 37
content-type: text/javascript

GET
H2 200 tr
www.facebook.com/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: dt.cobaltgroup.com
URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=F0C51826C1BD9385CC097807523A7959&webid=gmps-sands-chev&sitetype=dealer&eventId=eb939c80265f10068136080020f0176c&cs:ssi=F0C51826C1BD9385CC097807523A7959&_=1630416107855

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 31 Aug 2021 13:21:52 GMT

GET
H2 200 g.pixel
aa.agkn.com/adscores/ 43 B
347 B 21ms
20ms Image
image/gif 18.169.236.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212297528&puid=1630416110620755900
Requested by: Host: dt.cobaltgroup.com
URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=F0C51826C1BD9385CC097807523A7959&webid=gmps-sands-chev&sitetype=dealer&eventId=eb939c80265f10068136080020f0176c&cs:ssi=F0C51826C1BD9385CC097807523A7959&_=1630416107855
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.236.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-236-234.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 msid.gif
px.marchex.io/ 43 B
380 B 99ms
98ms Image
image/gif 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/msid.gif?spid=cdk&uid=1630416110620755900
Requested by: Host: dt.cobaltgroup.com
URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=F0C51826C1BD9385CC097807523A7959&webid=gmps-sands-chev&sitetype=dealer&eventId=eb939c80265f10068136080020f0176c&cs:ssi=F0C51826C1BD9385CC097807523A7959&_=1630416107855
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac87f37"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H2 200 L21rdC84MTYvY2lkLzI4NTkwODExL3QvMi9jYXQvMzE2MTg0MTQ
d.turn.com/r/dd/id/ 43 B
407 B 44ms
43ms Image
image/gif 2001:678:cb4:bbbb::13
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTkwODExL3QvMi9jYXQvMzE2MTg0MTQ
Requested by: Host: dt.cobaltgroup.com
URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=F0C51826C1BD9385CC097807523A7959&webid=gmps-sands-chev&sitetype=dealer&eventId=eb939c80265f10068136080020f0176c&cs:ssi=F0C51826C1BD9385CC097807523A7959&_=1630416107855
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:51 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001
https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001&dcc=t

0
0

118ms
117ms

Image
text/html

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VR687613AYE3HX5JYJT3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 451 398676.gif
idsync.rlcdn.com/ 0
42 B 15ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398676.gif?partner_uid=1630416110620755900
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET a.gif
s.ixiaa.com/ 0
0

GET
H2 200 dt.gif
dt.admission.net/ 43 B
454 B 168ms
166ms Image
image/gif 52.8.197.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.admission.net/dt.gif?sync=1&dtuid=1630416110620755900
Requested by: Host: dt.cobaltgroup.com
URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=F0C51826C1BD9385CC097807523A7959&webid=gmps-sands-chev&sitetype=dealer&eventId=eb939c80265f10068136080020f0176c&cs:ssi=F0C51826C1BD9385CC097807523A7959&_=1630416107855
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.197.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-197-246.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
x-autoscale-group: dt-prod-ca-asg
last-modified: Tue, 31 Aug 2021 13:21:52 GMT
server: Display Tracker 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H3-29

200

pixel
bid.g.doubleclick.net/xbbe/invitepixel/
Redirect Chain

https://segment-pixel.invitemedia.com/pixel?pixelID=67458&partnerID=198&key=segment
https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

43 B
63 B

45ms
24ms

Image
image/gif

74.125.206.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

74.125.206.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f156.1e100.net

Software

cafe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43
x-xss-protection: 0

Redirect headers

date: Tue, 31 Aug 2021 13:21:52 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
964 B 768ms
767ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10061121&ec=chevyin

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:53 GMT
X-Content-Type-Options: nosniff
Age: 1
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Tue, 31 Aug 2021 13:21:53 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 10ms
9ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.ChevyInNew

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 14ms
13ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.Chevy+In+Q217

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel.gif
login.dotomi.com/
Redirect Chain

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-sands-chev&cdk_id=1630416110620755900
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3035%26dtm_cmagic%3D03bfc1%26dt...
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-sands-chev&cdk_id=163041611...
https://login.dotomi.com/pixel.gif

43 B
129 B

18ms
18ms

Image
image/gif

64.158.223.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.dotomi.com/pixel.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-usadmm.dotomi.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://login.dotomi.com/pixel.gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 122ms
121ms Image
image/gif 209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZJNWH3BM9PCGSN0J2XMQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p-ZXDzrsfZtpwXm.gif
pixel.quantserve.com/pixel/ 35 B
375 B 11ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-ZXDzrsfZtpwXm.gif?labels=_fp.event.Chevy+In

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

correlate
dt.cobaltgroup.com/cookiejar/1.0/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=313172&dpuuid=1630416110620755900&redir=https%3A%2F%2Fdt.cobaltgroup.com%2Fcookiejar%2F1.0%2Fcorrelate%3Fformat%3Dgif%26logonly%3D1%26uidindex%3Daam%26uid%3D$%7BDD_U...
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=63155242177322213284326113704636582218

43 B
555 B

166ms
166ms

Image
image/gif

52.8.197.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=63155242177322213284326113704636582218
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.197.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-197-246.us-west-1.compute.amazonaws.com
Software: CJ Service 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Tue, 31 Aug 2021 13:21:52 GMT
server: CJ Service 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v015-07e475314.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: GmBmaEGiSO0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=63155242177322213284326113704636582218
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3-29 200 sd
us-u.openx.net/w/1.0/ 43 B
61 B 17ms
16ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=540213371&val=1630416110620755900
Requested by: Host: dt.cobaltgroup.com
URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=F0C51826C1BD9385CC097807523A7959&webid=gmps-sands-chev&sitetype=dealer&eventId=eb939c80265f10068136080020f0176c&cs:ssi=F0C51826C1BD9385CC097807523A7959&_=1630416107855
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

correlate
dt.admission.net/cookiejar/1.0/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cobalt_group_adp&google_hm=MTYzMDQxNjExMDYyMDc1NTkwMA
https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=

43 B
451 B

164ms
164ms

Image
image/gif

52.8.197.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.197.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-197-246.us-west-1.compute.amazonaws.com
Software: CJ Service 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:52 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Tue, 31 Aug 2021 13:21:52 GMT
server: CJ Service 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;src=1139716;dcnet=3880;boom=40149;sz=1x1;ord=685441871
ad.doubleclick.net/ 42 B
107 B 34ms
33ms Image
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;src=1139716;dcnet=3880;boom=40149;sz=1x1;ord=685441871?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

pixel
ad.ipredictive.com/d/rt/
Redirect Chain

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26220;ts=685441871
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1630416112

631 B
1 KB

1412ms
103ms

Image
image/jpeg

3.227.92.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1630416112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.92.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-92-182.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:53 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 631
X-CI-RTID: 68c5cdf4-0a5e-11ec-8e5a-b92da1ccdcdb
Content-Type: image/jpeg

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:52 GMT
via: 1.1 google
server: 8dca829a80e6db27f6ecbc8e781b8dc7203461ffcd6e852a1f85fce376d3cb3a
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, TRACE, OPTIONS
p3p: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
location: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1630416112
cache-control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-headers: Content-Type
content-type: text/html;charset=ISO-8859-1
alt-svc: clear
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK widgets Show response
app.carnow.com/dealers/ 21 KB
6 KB 782ms
227ms XHR
application/json 23.20.64.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.carnow.com/dealers/widgets?id=24709&vstid=

Requested by

Host: d29f71cuc8ityh.cloudfront.net
URL: https://d29f71cuc8ityh.cloudfront.net/js2/cn-client-z3-20210827000042.js.gz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.64.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-64-84.compute-1.amazonaws.com

Software

nginx /

Resource Hash

00fcc121a0131da06dc33324f29cfa410ca28d6e66b8f860dffd374e4ee42691

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:53 GMT
Content-Encoding: gzip
transfer-encoding: chunked
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
X-Request-Id: b3eed662-4ed4-4b3f-8a6d-e878480dd127
X-Runtime: 0.123330
Server: nginx
X-Frame-Options: ALLOWALL
ETag: W/"6a5782a49ac77ad8aa80df7f39990bf7"
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

GET
BLOB 200
OK e9835d92-e06f-4cfe-a00b-1dad06b3ee7b
https://www.sandssurprise.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandssurprise.com/e9835d92-e06f-4cfe-a00b-1dad06b3ee7b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 9141

GET
BLOB 200
OK 05ebdd61-a636-4e2a-a46b-cbf63151fa6f
https://www.sandssurprise.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandssurprise.com/05ebdd61-a636-4e2a-a46b-cbf63151fa6f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 9141

GET
BLOB 200
OK 2e82db4e-3c48-4281-9de1-5e12c13b2f33
https://www.sandssurprise.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandssurprise.com/2e82db4e-3c48-4281-9de1-5e12c13b2f33
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 9141

GET
BLOB 200
OK 829e477d-b48e-4a13-b5d8-6d10cd50b0bf
https://www.sandssurprise.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sandssurprise.com/829e477d-b48e-4a13-b5d8-6d10cd50b0bf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 9141

GET
H2 200 5i6hH3mA5j4IaKeAg4prftg8D7qy4hsA-20210827000042.css
d2dhoetkfll74o.cloudfront.net/p/24709/ 191 KB
50 KB 64ms
28ms Stylesheet
text/css 2600:9000:2190:5a00:6:245a:1600:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2dhoetkfll74o.cloudfront.net/p/24709/5i6hH3mA5j4IaKeAg4prftg8D7qy4hsA-20210827000042.css?_=20210827000042
Requested by: Host: d29f71cuc8ityh.cloudfront.net
URL: https://d29f71cuc8ityh.cloudfront.net/js2/cn-client-z3-20210827000042.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5a00:6:245a:1600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2793d1a660bda4351409a5ec734f590b0e1bf8c678e2a8a052195f079899b51

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 21:19:57 GMT
content-encoding: gzip
last-modified: Fri, 27 Aug 2021 00:09:22 GMT
server: AmazonS3
age: 57716
etag: W/"b9ac0ce4afc2ce7a936305e7f4072130"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ZoYKgzTCYE5b35YMnfPnOiOfgv2WX9NEExzRhbeM7nYUHaYPZuCNBA==

GET
H/1.1 200
OK text_1-vl.png
d29f71cuc8ityh.cloudfront.net/images2/chat/plugin/ 487 B
1003 B 23ms
22ms Image
image/png 13.32.118.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29f71cuc8ityh.cloudfront.net/images2/chat/plugin/text_1-vl.png
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9f47c0dba6fafb77ac893ba6152e4f8afe82690768d5104bb4f5d31c49f8b83

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: null
Via: 1.1 ec1ac21acdbd36c971eca9d6b61d0745.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 10 Jan 2020 15:24:18 GMT
Server: AmazonS3
Age: 63484
ETag: "af173950ac914983eec92f988564b875"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=86400
Date: Tue, 31 Aug 2021 11:33:26 GMT
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: OVqlGS2iqk6PYZrHvUofm7BroV8Vdiio0MVOdmpJk0mxFhGfQSFcwA==

POST
H/1.1 200
OK track_visitor Show response
app.carnow.com/dealers/ 0
1 KB 240ms
240ms XHR
text/html 23.20.64.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.carnow.com/dealers/track_visitor

Requested by

Host: d29f71cuc8ityh.cloudfront.net
URL: https://d29f71cuc8ityh.cloudfront.net/js2/cn-client-z3-20210827000042.js.gz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.64.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-64-84.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 31 Aug 2021 13:21:53 GMT
Content-Encoding: gzip
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 25
X-Request-Id: 064cb6cb-56ed-4ec1-9ccb-07d285611d62
X-Runtime: 0.137174
Server: nginx
X-Frame-Options: ALLOWALL
ETag: W/"f96f27547f730dafd2dbbb0545a4cdd5"
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, POST
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK chat_icon-l.png
d29f71cuc8ityh.cloudfront.net/images2/chat/plugin/ 1 KB
2 KB 36ms
21ms Image
image/png 13.32.118.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29f71cuc8ityh.cloudfront.net/images2/chat/plugin/chat_icon-l.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3dd1daff42a33e9e58f5fdb10d685ee6538b20499309c79e069e083da1e3bac3

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: null
Via: 1.1 ec1ac21acdbd36c971eca9d6b61d0745.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 10 Jan 2020 15:24:17 GMT
Server: AmazonS3
Age: 46755
ETag: "5d685e3d57d64e728b777bbdae028014"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=86400
Date: Tue, 31 Aug 2021 11:33:26 GMT
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 1025
X-Amz-Cf-Id: d729b0Sjbx-5mgd6co3Ds-_oo_pQDsx-9Ifgh8zxFUpqU3SutWvkrQ==

GET
H/1.1 200
OK Cookie set live Show response
app.carnow.com/chat/ Frame 5C91 2 KB
2 KB 133ms
133ms Document
text/html 23.20.64.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.carnow.com/chat/live?key=gmps-sands-chev&uvid=3850a085-3c2a-4f6e-ad1b-13fa4fb57d58&xdm_e=https%3A%2F%2Fwww.sandssurprise.com&xdm_c=default5751&xdm_p=1

Requested by

Host: d29f71cuc8ityh.cloudfront.net
URL: https://d29f71cuc8ityh.cloudfront.net/js2/cn-client-z3-20210827000042.js.gz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.64.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-64-84.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6a3d613dc50386619926a3ce31e7fb92667f215ee344ef27c87515644ac0b247

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Host: app.carnow.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sandssurprise.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sandssurprise.com/

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 31 Aug 2021 13:21:53 GMT
ETag: W/"c321599090f93ae7d1a5d8da5fe57442"
Server: nginx
Set-Cookie: _cn_mac=gk2ytEj8jaG66IlyAn41yio3; path=/; expires=Sat, 31 Aug 2041 13:21:53 -0000 _cn_session=eFlCM3NEV1ArbEJKWEh6UFVOZ0FNb3NicU9ieUVuRW1lOTZXWTlOVVl3ckg2VUZ3WWM2bmlhVXZHQXQ4Sjh0Z1NFYUxuUVVtYXR3S0lBZ2FPOVlDZnZoK3d5ZHF6UWVPaU5vMHJPb3l5KzhQdnBoVXp0NjA0TFByTUkxR2xZa2w0TXVGcXNvTDd0ekVlb3RqeFQydGltd1E0bGUwZWpvOTM2NnFvRXBKMGxoeG5PZFNkVEZURXFIUHV3VSsyQVo1WXNCZXorQXM0bE5hYlhkZm9tQjVTbWVFK0xPeit6UjA2WFNEQ3FmdUsxcnp0VTU0V0QzSzVkdXZQbmEwYWZ4ZVdNYkhoeHczSUV1eVNoN1JqeEVsTHVBOWF6V0xmWmIyVHhnNjlmM1l2Wm5TK0xKMTdLU1dZdTc5VHk5cERXNTFIaFBzcEZ6dnRTdm81cE9QM3p5R3hNOHNWRnRiZFVPakhaU0d2ZDMvNEFBPS0tdUhPZ0FpVTZhNUxYb01WK09jWENpQT09--7a3985f86e7dc078e98252aa973cb8c06c9768ce; path=/; HttpOnly; SameSite=None; Secure
Status: 200 OK
Vary: Accept-Encoding, Origin
X-Frame-Options: ALLOWALL
X-Request-Id: 8f084498-bb3f-43d2-b220-5ad0fcbc5d3f
X-Runtime: 0.032163
Content-Length: 856
Connection: keep-alive

GET
H/1.1 200
OK cnp-z-20210827000042.js.gz Show response
d29f71cuc8ityh.cloudfront.net/js2/ Frame 5C91 354 KB
98 KB 21ms
20ms Script
application/x-javascript 13.32.118.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29f71cuc8ityh.cloudfront.net/js2/cnp-z-20210827000042.js.gz
Requested by: Host: app.carnow.com
URL: https://app.carnow.com/chat/live?key=gmps-sands-chev&uvid=3850a085-3c2a-4f6e-ad1b-13fa4fb57d58&xdm_e=https%3A%2F%2Fwww.sandssurprise.com&xdm_c=default5751&xdm_p=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d209a92b081d2cd1f18845c4020272672fdc71cca96edafcf8cbf15368343b4

Request headers

Referer: https://app.carnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: FFW5Iidk2U586T9Pp5rxe34RNvR42gP8
Content-Encoding: gzip
ETag: "2a7ae6c7792c121ee6a7a7696628a147"
Age: 47539
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 99544
Last-Modified: Fri, 27 Aug 2021 00:08:08 GMT
Server: AmazonS3
Date: Tue, 31 Aug 2021 02:03:26 GMT
Content-Type: application/x-javascript
Via: 1.1 ec1ac21acdbd36c971eca9d6b61d0745.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: SUPOo3ceIN5Vju77IEBivl17R9bi1Py_xXe8QHP-n4Y1iutVHeOyHQ==

GET
H/1.1 200
OK analytics-hit Show response
plugin.tradepending.com/ 319 B
867 B 298ms
102ms XHR
application/json 54.161.241.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.tradepending.com/analytics-hit?dealer_id=qgFnJ8MGhG9bQYsjK&plugin_id=qgFnJ8MGhG9bQYsjK&location=home&session_aid=0mh1gtmyanj1xq543krdkd&newsession=true&host_url=https%3A%2F%2Fwww.sandssurprise.com%2F
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7693/g1j/wqrlvaugaoza5akrk9a==/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-241-46.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 915af12f9d267bdf12e3544cb2d29947a673d85c591aaa00629762a1291445e4

Request headers

Accept: */*
Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:54 GMT
Via: 1.1 vegur
Etag: W/"13f-wZVeUTASk4IIlN93YqNCgSeCRVQ"
Server: Cowboy
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 319

GET
H/1.1 200
OK PoweredByTPWhite.png
cdn.tradepending.com/ 1 KB
2 KB 317ms
21ms Image
image/png 13.32.121.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tradepending.com/PoweredByTPWhite.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-67.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d6d0d54103b01d34d20c4ccbb3876fd9425f2a93b960d7ddccfc2a1f3860b90

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 20:51:42 GMT
Via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2016 13:17:47 GMT
Server: AmazonS3
Age: 491412
ETag: "cd01f76df59bdbddf9084b3aada45b37"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000,public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 1452
X-Amz-Cf-Id: lgKxk6R7wRlDvnloA8R2n704gGbvdS6OVaGouVsjqT67SifEK8UeDQ==
Expires: Sun, 01 Jan 2034 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=609a612e-2cf2-4400-9917-327ceeb69ab5&ddsuuid=63155242177322213284326113704636582218
dpm.demdex.net/ Frame CCB5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=63155242177322213284326113704636582218&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d63155242177322...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=609a612e-2cf2-4400-9917-327ceeb69ab5&ddsuuid=63155242177322213284326113704636582218

42 B
945 B

32ms
31ms

Image
image/gif

52.30.146.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=609a612e-2cf2-4400-9917-327ceeb69ab5&ddsuuid=63155242177322213284326113704636582218

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.146.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-146-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-04f380918.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: W0VJdZNyQ4A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Tue, 31 Aug 2021 13:21:54 GMT
Server: MT3 3865 cc0e612 master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=609a612e-2cf2-4400-9917-327ceeb69ab5&ddsuuid=63155242177322213284326113704636582218
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 31 Aug 2021 13:21:53 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=653c60294d02e8a06ca37c3e4e528806ca37b4b1502e265ca0a3e6c50d9633ccb0da87c991749652
dpm.demdex.net/ Frame CCB5
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=63155242177322213284326113704636582218
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNjMxNTUyNDIxNzczMjIyMTMyODQzMjYxMTM3MDQ2MzY1ODIyMTgQABoNCPLZuIkGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=653c60294d02e8a06ca37c3e4e528806ca37b4b1502e265ca0a3e6c50d9633ccb0da87c991749652

42 B
945 B

45ms
44ms

Image
image/gif

52.30.146.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=653c60294d02e8a06ca37c3e4e528806ca37b4b1502e265ca0a3e6c50d9633ccb0da87c991749652

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.146.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-146-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-0bc04f9b6.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: P+ZwYHdLSVI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 31 Aug 2021 13:21:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=653c60294d02e8a06ca37c3e4e528806ca37b4b1502e265ca0a3e6c50d9633ccb0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESENgqpgjenYnv2rJSS28KKpc&google_cver=1
dpm.demdex.net/ Frame CCB5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjMxNTUyNDIxNzczMjIyMTMyODQzMjYxMTM3MDQ2MzY1ODIyMTg=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENgqpgjenYnv2rJSS28KKpc&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

32ms
31ms

Image
image/gif

52.30.146.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENgqpgjenYnv2rJSS28KKpc&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.146.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-146-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-02e259e58.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nGVw9HdtR8c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENgqpgjenYnv2rJSS28KKpc&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

req
cdn.navdmp.com/ Frame CCB5
Redirect Chain

https://navdmp.com/req?adID=63155242177322213284326113704636582218
https://cdn.navdmp.com/req?adID=63155242177322213284326113704636582218

6 B
101 B

147ms
145ms

Image
application/x-javascript

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.navdmp.com/req?adID=63155242177322213284326113704636582218
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6876908e4a1d4a79-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

Redirect headers

location: https://cdn.navdmp.com/req?adID=63155242177322213284326113704636582218
date: Tue, 31 Aug 2021 13:21:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6876908d58294a79-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html

GET
H2 200 adsct
analytics.twitter.com/i/ Frame CCB5 43 B
582 B 164ms
125ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=63155242177322213284326113704636582218&p_id=38594

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Tue, 31 Aug 2021 13:21:54 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 2f1e1f8d553977beb527511896d266edb19510b656447683a3ec9231f847bbc0
x-transaction: 4e7c491637d6a361
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame CCB5
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=63155242177322213284326113704636582218&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-28cef0f953d62ea972d95275edede15d
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30432&dpuuid=CI-28cef0f953d62ea972d95275edede15d

42 B
945 B

32ms
32ms

Image
image/gif

52.30.146.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30432&dpuuid=CI-28cef0f953d62ea972d95275edede15d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.146.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-146-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-0b4dd7f9c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 16hwKgp9SjI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v015-0e48b9666.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: U86ZVPPsTuY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30432&dpuuid=CI-28cef0f953d62ea972d95275edede15d
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 7
jadserve.postrelease.com/dmp/ Frame CCB5 43 B
427 B 310ms
103ms Image
image/gif 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/dmp/7?vk=63155242177322213284326113704636582218&ntv_r=https://dpm.demdex.net/ibs:dpid=38117&dpuuid=NTV_USER_ID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:55 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=2340&dpuuid=68c5cdf3-0a5e-11ec-8e5a-b92da1ccdcdb
dpm.demdex.net/ Frame CCB5
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://dpm.demdex.net/ibs:dpid=2340&dpuuid=${ADELPHIC_CUID}
https://dpm.demdex.net/ibs:dpid=2340&dpuuid=68c5cdf3-0a5e-11ec-8e5a-b92da1ccdcdb

42 B
945 B

34ms
34ms

Image
image/gif

52.30.146.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=2340&dpuuid=68c5cdf3-0a5e-11ec-8e5a-b92da1ccdcdb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.146.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-146-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v015-08730b319.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6QrrH6xgRR8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=2340&dpuuid=68c5cdf3-0a5e-11ec-8e5a-b92da1ccdcdb
Date: Tue, 31 Aug 2021 13:21:54 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 69abe868-0a5e-11ec-a321-f1a78009e55e

GET
H/1.1 200
OK visitor_info Show response
app.carnow.com/dealers/ 77 B
1 KB 146ms
145ms XHR
application/json 23.20.64.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.carnow.com/dealers/visitor_info?vstid=3850a085-3c2a-4f6e-ad1b-13fa4fb57d58&g=0

Requested by

Host: d29f71cuc8ityh.cloudfront.net
URL: https://d29f71cuc8ityh.cloudfront.net/js2/cn-client-z3-20210827000042.js.gz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.64.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-64-84.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d5d6f7d401602582fab03c534c0d7aa5e81aea930f886f7083adf1bc9ce4d4b3

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Runtime: 0.042031
Date: Tue, 31 Aug 2021 13:21:55 GMT
Content-Encoding: gzip
Server: nginx
Access-Control-Allow-Origin: *
X-Frame-Options: ALLOWALL
ETag: W/"c0d6825b1d7c3272c1891b4ba08bc465"
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 100
X-Request-Id: 160519d7-02f8-4c98-9cbc-9b910ee735d3

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=a8decba2d32c2425386525bef4b9ce13
dpm.demdex.net/ Frame CCB5
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=63155242177322213284326113704636582218?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=63155242177322213284326113704636582218?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a8decba2d32c2425386525bef4b9ce13

42 B
945 B

33ms
33ms

Image
image/gif

52.30.146.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a8decba2d32c2425386525bef4b9ce13

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.146.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-146-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-08c9b48ab.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lvs1UNoFTiw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a8decba2d32c2425386525bef4b9ce13
cache-control: no-cache
x-server: 10.45.12.238
content-length: 0
expires: 0

GET
H2

200

5w3jqr4k
sync-tm.everesttech.net/ct/upi/pid/ Frame CCB5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...

85 B
165 B

7ms
7ms

Image
image/png

151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=YS4s8wAEUxXKcQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:55 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 698
x-served-by: cache-fra19169-FRA
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1630416116.732940,VS0,VE0
content-length: 85
x-cache-hits: 2106

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:55 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1630416116.635690,VS0,VE90
x-served-by: cache-fra19169-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=YS4s8wAEUxXKcQA4
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CCB5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=YS4s8wAEFpniegAC
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YS4s8wAEFpniegAC&expires=90&_test=YS4s8wAEFpniegAC

0
239 B

107ms
22ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YS4s8wAEFpniegAC&expires=90&_test=YS4s8wAEFpniegAC
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630416116.735561,VS0,VE0
x-served-by: cache-fra19169-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YS4s8wAEFpniegAC&expires=90&_test=YS4s8wAEFpniegAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CCB5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YS4s8wAEFWnGJgBg
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS4s8wAEFWnGJgBg&_test=YS4s8wAEFWnGJgBg
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS4s8wAEFWnGJgBg&_test=YS4s8wAEFWnGJgBg&C=1

43 B
1003 B

45ms
45ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS4s8wAEFWnGJgBg&_test=YS4s8wAEFWnGJgBg&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:55 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 13:21:55 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS4s8wAEFWnGJgBg&_test=YS4s8wAEFWnGJgBg&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 306
Expires: Tue, 31 Aug 2021 13:21:55 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CCB5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=YS4s8wAEUzzLKwA4
https://ib.adnxs.com/setuid?entity=158&code=YS4s8wAEUzzLKwA4&_test=YS4s8wAEUzzLKwA4

43 B
1 KB

20ms
20ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YS4s8wAEUzzLKwA4&_test=YS4s8wAEUzzLKwA4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Aug 2021 13:21:55 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5619ed25-7c6f-41aa-a472-67f81f92d808
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630416116.768899,VS0,VE0
x-served-by: cache-fra19169-FRA
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YS4s8wAEUzzLKwA4&_test=YS4s8wAEUzzLKwA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-29

200

sd
us-u.openx.net/w/1.0/ Frame CCB5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YS4s8wAEUzzLKwA4
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YS4s8wAEUzzLKwA4

43 B
61 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YS4s8wAEUzzLKwA4
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:55 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YS4s8wAEUzzLKwA4
date: Tue, 31 Aug 2021 13:21:55 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CCB5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS4s8wAEUzzLKwA4

1 B
548 B

58ms
19ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS4s8wAEUzzLKwA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:55 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:326
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630416116.878758,VS0,VE0
x-served-by: cache-fra19169-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS4s8wAEUzzLKwA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame CCB5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YS4s8wAEUzzLKwA4&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YS4s8wAEUzzLKwA4&img=1&__user_check__=1&sync_id=69cdb075-0a5e-11ec-a891-1a3233820206

43 B
548 B

22ms
21ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YS4s8wAEUzzLKwA4&img=1&__user_check__=1&sync_id=69cdb075-0a5e-11ec-a891-1a3233820206
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:56 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 58
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 31 Aug 2021 13:21:55 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YS4s8wAEUzzLKwA4&img=1&__user_check__=1&sync_id=69cdb075-0a5e-11ec-a891-1a3233820206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 109
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame CCB5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YS4s8wAEUzzLKwA4&t=2592000&o=0

43 B
1 KB

33ms
33ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YS4s8wAEUzzLKwA4&t=2592000&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 06:21:56 PDT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 1GR4EuwOSbKlNcBGbTOr4WeW8EO+bIZGCT+qanOEaDn9GNDF/7mfsOgcsoY+JPHBHcK8p40lBSuaaC8F+bGRBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
expires: Tue, 31 Aug 2021 06:21:56 PDT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630416116.071238,VS0,VE0
x-served-by: cache-fra19169-FRA
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YS4s8wAEUzzLKwA4&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

restricted
mid.rkdms.com/ Frame CCB5
Redirect Chain

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=63155242177322213284326113704636582218&_ct=img
https://mid.rkdms.com/restricted

0
0

100ms
99ms

Image
text/html

35.173.167.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/restricted
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.167.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-167-127.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

location: /restricted
date: Tue, 31 Aug 2021 13:21:56 GMT
server: nginx
content-length: 0

GET
H2 200 IpEngine_v78.0.js Show response
universal.iperceptions.com/core/ 11 KB
4 KB 11ms
11ms Script
application/javascript 2600:9000:2182:b600:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/core/IpEngine_v78.0.js
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:b600:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 13:18:55 GMT
content-encoding: gzip
content-md5: ofN/a2/Vf6dAsat1lPzqnA==
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
access-control-allow-origin: *
last-modified: Mon, 22 Mar 2021 17:01:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-ms-request-id: 3b2584c9-c01e-0117-4cbc-9b76ab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-id: ylLF7WOtvKVjIVNwXWJi7oIm4iNkOqUu6SryYl75JmUr8IXcLsfkqg==

GET
H2 200 35282_637659480376272700 Show response
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/ 382 KB
45 KB 63ms
27ms Script
application/javascript 2600:9000:2182:6a00:18:ee0c:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/35282_637659480376272700
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:6a00:18:ee0c:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ba3cbfd45966dd061267874e13edc5fbf0e63390f28b5cfd514357e236f71694

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 13:21:58 GMT
content-encoding: gzip
content-md5: Hw+g0AWegmQ3ZUknQgyfBg==
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 45380
x-ms-lease-status: unlocked
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 19:20:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D96BEB3F8E0055
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
x-ms-request-id: 1604ed66-101e-00cd-69d4-9da0c7000000
cache-control: x-ms-blob-cache-control: public, max-age=900
x-ms-version: 2009-09-19
x-amz-cf-id: VPbx-IcdhkJfzcKp9kVUj1qWiAB45oHOZfeNcDI8DQW79Hcl5Dd-jQ==

GET
H2 200 2143277472430190 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 96ms
94ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2143277472430190?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1b6f61f4ebb5e24847a888e25a4612a502bb05bca3a8c0899dd7ac41fd09dfe7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 0E3d61bY4qfwGXkTv5UrLS5feUgcONVMFqeCw8rM9C7y3UEsNCXMMYk8ukl95M7PlMld056ivhFx0v0sy4kSDg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 31 Aug 2021 13:21:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 13 B
245 B 417ms
109ms XHR
text/plain 23.21.173.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.173.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-173-155.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ba84a0f2529e6941e849c5e5a1c560770faa15fc4c5019673ed20962a04f9bb5

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:21:59 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.sandssurprise.com
Connection: keep-alive
Content-Length: 13

GET
H2

200

/
adservice.google.de/ddm/fls/p/src=10420473;dc_pre=CO_Ogq2t2_ICFcvHGQod9HMKuA;type=s_visits;cat=svisit;u1=CDK;u2=256053;u3=undefined;u4=www.sandssurprise.com;u5=https://www.sandssurprise.com/;u6=Hom...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=10420473;type=s_visits;cat=svisit;u1=CDK;u2=256053;u3=undefined;u4=www.sandssurprise.com;u5=https://www.sandssurprise.com/;u6=HomePage;u7=;u8=1600;u9=nul...
https://ad.doubleclick.net/ddm/activity/src=10420473;dc_pre=CO_Ogq2t2_ICFcvHGQod9HMKuA;type=s_visits;cat=svisit;u1=CDK;u2=256053;u3=undefined;u4=www.sandssurprise.com;u5=https://www.sandssurprise.c...
https://adservice.google.com/ddm/fls/p/src=10420473;dc_pre=CO_Ogq2t2_ICFcvHGQod9HMKuA;type=s_visits;cat=svisit;u1=CDK;u2=256053;u3=undefined;u4=www.sandssurprise.com;u5=https://www.sandssurprise.co...
https://adservice.google.de/ddm/fls/p/src=10420473;dc_pre=CO_Ogq2t2_ICFcvHGQod9HMKuA;type=s_visits;cat=svisit;u1=CDK;u2=256053;u3=undefined;u4=www.sandssurprise.com;u5=https://www.sandssurprise.com...

42 B
262 B

43ms
43ms

Image
image/gif

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=10420473;dc_pre=CO_Ogq2t2_ICFcvHGQod9HMKuA;type=s_visits;cat=svisit;u1=CDK;u2=256053;u3=undefined;u4=www.sandssurprise.com;u5=https://www.sandssurprise.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1594306046;~oref=https://www.sandssurprise.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 13:21:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/src=10420473;dc_pre=CO_Ogq2t2_ICFcvHGQod9HMKuA;type=s_visits;cat=svisit;u1=CDK;u2=256053;u3=undefined;u4=www.sandssurprise.com;u5=https://www.sandssurprise.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1594306046;~oref=https://www.sandssurprise.com/
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=733415227104027&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.sandssurprise.com%2F&rl=&if=false&ts=1630416119404&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1630416119403.226365524&it=1630416110372&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=1759623988&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 31 Aug 2021 13:21:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=490712841102742&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.sandssurprise.com%2F&rl=&if=false&ts=1630416119405&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1630416119403.226365524&it=1630416110372&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=1759623988&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 31 Aug 2021 13:21:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2143277472430190&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.sandssurprise.com%2F&rl=&if=false&ts=1630416119406&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630416119403.226365524&it=1630416110372&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=1759623988&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:21:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 31 Aug 2021 13:21:59 GMT

POST
H/1.1 200
OK conversionapi Show response
mrg-fb.azurewebsites.net/api/ 0
233 B 1170ms
1170ms XHR
text/plain 168.61.217.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrg-fb.azurewebsites.net/api/conversionapi?events={%22pixelId%22:2143277472430190,%22eventName%22:%22CustomizeProduct%22,%22eventId%22:1759623988,%22IP%22:%2289.249.64.203%22,%22_fbp%22:%22fb.1.1630416119403.226365524%22,%22_fbc%22:%22%22,%22allEventId%22:%22%22,%22searchEventId%22:%22%22,%22prettyName%22:%22%22,%22url%22:%22\%22https%3A%2F%2Fwww.sandssurprise.com%2F\%22%22}
Requested by: Host: www.sandssurprise.com
URL: https://www.sandssurprise.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.61.217.214 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-functions-key: Ekzu7TO38Y8UmsKu3PDoDciTrJvZa2Mll3mKQp308StZxobqD8FFpg==
Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 31 Aug 2021 13:22:01 GMT
Server: Kestrel
Request-Context: appId=cid-v1:4ac10ea0-1893-446d-9341-a0e9715d2259
Content-Length: 0
Content-Type: text/plain; charset=utf-8

OPTIONS
H/1.1 200
OK conversionapi
mrg-fb.azurewebsites.net/api/ Frame 0
0 613ms
140ms Preflight 168.61.217.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrg-fb.azurewebsites.net/api/conversionapi?events={%22pixelId%22:2143277472430190,%22eventName%22:%22CustomizeProduct%22,%22eventId%22:1759623988,%22IP%22:%2289.249.64.203%22,%22_fbp%22:%22fb.1.1630416119403.226365524%22,%22_fbc%22:%22%22,%22allEventId%22:%22%22,%22searchEventId%22:%22%22,%22prettyName%22:%22%22,%22url%22:%22\%22https%3A%2F%2Fwww.sandssurprise.com%2F\%22%22}
Protocol: HTTP/1.1
Server: 168.61.217.214 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-functions-key
Origin: https://www.sandssurprise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Kestrel
Access-Control-Allow-Headers: x-functions-key
Access-Control-Allow-Origin: *
Date: Tue, 31 Aug 2021 13:22:00 GMT
Content-Length: 0

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryqBzUZJl9X2CLnGgY

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 31 Aug 2021 13:21:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.sandssurprise.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
634 B 59ms
59ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master zrh-pixel-x4 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:22:00 GMT
Server: MT3 3865 cc0e612 master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 13:21:59 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 7F85 43 B
489 B 31ms
31ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=662c612e-2cee-4f00-afee-8f3cd034acbe&no_iframe=1&mt_adid=157853&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master cdg-pixel-x24 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=662c612e-2cee-4f00-afee-8f3cd034acbe&no_iframe=1&mt_adid=157853&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 13:22:00 GMT
Server: MT3 3865 cc0e612 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 Aug 2021 13:21:59 GMT

GET
H2 204 l Show response
api.speedshiftmedia.com/public/gfu/v2/ 0
307 B 333ms
333ms Script
text/plain 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.speedshiftmedia.com/public/gfu/v2/l?u=612e2ceec9dded5f3b00029c&f=&l=&s=L00
Requested by: Host: services.cdn.speedshiftmedia.com
URL: https://services.cdn.speedshiftmedia.com/gf/core.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandssurprise.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 13:22:01 GMT
via: 1.1 59d5785a1d012a54118141e7e216a493.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amzn-requestid: 7d772c64-3d24-488f-b0f6-494a463676c4
x-cache: Miss from cloudfront
x-amzn-trace-id: Root=1-612e2cf9-3eff572040072691384b4bab;Sampled=0
x-amz-apigw-id: E7v2-FgUIAMF94A=
x-amz-cf-id: HPYXcYGeLbRloLo-Xh1k9HdVtjd2RdlagX762LSa7sJWmjsBrKeDFg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.ixiaa.com
URL: https://s.ixiaa.com/a.gif?partner=1183949&client=1183949&campaign=1183989&source=gmps-sands-chev

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Domain: s.ixiaa.com
URL: https://s.ixiaa.com/a.gif?partner=1183949&client=1183949&campaign=1183989&source=gmps-sands-chev

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.sandssurprise.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: F0C51826C1BD9385CC097807523A7959

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://wsassets.cobalt.com/websites/dynamic/bundles/5.0-7693/dkn/fak0ssjfqrsygvzj61g==/pixeltag.js?webId=gmps-sands-chev&locale=en_US&originalDomain=http%3A%2F%2Fwww.sandssurprise.com%2F(Line 1) Message: Reduced :
console-api	log	URL: https://wsassets.cobalt.com/websites/dynamic/bundles/5.0-7693/dkn/fak0ssjfqrsygvzj61g==/pixeltag.js?webId=gmps-sands-chev&locale=en_US&originalDomain=http%3A%2F%2Fwww.sandssurprise.com%2F(Line 1) Message: true
console-api	log	(Line 3) Message: [SSM] Empty value string.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9317774.fls.doubleclick.net
9399534.fls.doubleclick.net
a.tribalfusion.com
aa.agkn.com
acsbapp.com
ad.doubleclick.net
ad.ipredictive.com
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
adservice.google.de
amazon.partners.tremorhub.com
analytics.twitter.com
api.iperceptions.com
api.ipify.org
api.mrg.agency
api.speedshiftmedia.com
app.carnow.com
assets.adobedtm.com
bat.bing.com
beacon.krxd.net
bid.g.doubleclick.net
bs.serving-sys.com
c.betrad.com
c.evidon.com
c1.adform.net
cdn.acsbapp.com
cdn.navdmp.com
cdn.speedshiftmedia.com
cdn.tradepending.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
collector-6821.tvsquared.com
connect.facebook.net
core.conversant.mgr.consensu.org
d.turn.com
d29f71cuc8ityh.cloudfront.net
d2dhoetkfll74o.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
dt.admission.net
dt.cobaltgroup.com
dt.scanscout.com
fonts.googleapis.com
generalmotorscorporation.sc.omtrdc.net
gm.demdex.net
go.activengage.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
jadserve.postrelease.com
js.adsrvr.org
l.betrad.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
login.dotomi.com
match.adsrvr.org
media.assets.sincrod.com
mid.rkdms.com
mpp.vindicosuite.com
mrg-fb.azurewebsites.net
navdmp.com
odr.mookie1.com
pageview.activengage.com
pi.ispot.tv
pixel.advertising.com
pixel.mathtag.com
pixel.placed.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
plugin.tradepending.com
px.marchex.io
px.surveywall-api.survata.com
rules.quantcount.com
s.amazon-adsystem.com
s.ixiaa.com
s.tribalfusion.com
sb.scorecardresearch.com
script.hotjar.com
sd.iperceptions.com
secure.adnxs.com
secure.quantserve.com
segment-pixel.invitemedia.com
services.cdn.speedshiftmedia.com
snap-plugins.s3.amazonaws.com
sp.analytics.yahoo.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.myvisualiq.net
tag.digops.sincro.io
tags.bluekai.com
token.rubiconproject.com
traffic.prod.cobaltgroup.com
uipglob.semasio.net
universal.iperceptions.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
vars.hotjar.com
wsassets.cobalt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
www.sandssurprise.com
x.bidswitch.net
px.surveywall-api.survata.com
s.ixiaa.com
104.111.215.191
104.111.233.93
104.111.244.187
104.244.42.195
13.224.101.82
13.224.93.90
13.226.155.108
13.226.155.38
13.226.155.84
13.248.242.197
13.32.118.50
13.32.121.122
13.32.121.21
13.32.121.33
13.32.121.41
13.32.121.67
13.65.210.166
141.226.228.48
142.250.181.226
142.250.184.194
142.250.184.230
142.250.186.166
15.236.176.210
151.101.14.132
151.101.14.49
168.61.217.214
18.169.236.234
18.194.158.62
18.197.47.23
18.198.69.109
18.202.15.91
18.209.200.15
18.66.96.113
18.66.97.10
18.66.97.25
18.66.97.36
185.29.132.241
185.64.189.115
185.64.190.80
185.94.180.125
199.127.207.182
2.18.233.201
2.18.234.21
2.18.234.233
2001:678:cb4:bbbb::13
206.189.187.108
209.54.178.82
212.82.100.181
212.82.100.182
213.19.147.44
23.20.64.84
23.21.173.155
2600:1f18:612b:4216:6562:d53b:a2e7:750a
2600:9000:2182:3a00:1d:cf92:a80:93a1
2600:9000:2182:6a00:18:ee0c:6e00:93a1
2600:9000:2182:b600:8:e7ba:7440:93a1
2600:9000:2190:5a00:6:245a:1600:21
2600:9000:223c:e00:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700::6810:125e
2606:4700::6810:bf3
2606:4700::6812:d05
2606:4700::6812:d78
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a02:26f0:6c00:28a::1e80
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.56.137
3.208.250.137
3.227.92.182
34.248.191.66
34.248.86.185
34.253.109.165
34.98.64.218
34.98.67.61
35.157.2.63
35.169.206.198
35.170.144.83
35.173.167.127
35.186.236.204
35.227.248.159
35.244.174.68
37.157.2.234
37.252.173.22
45.79.143.172
52.138.200.61
52.203.60.58
52.216.113.11
52.30.146.101
52.44.110.4
52.44.38.222
52.50.64.214
52.57.230.211
52.8.197.246
54.161.241.46
54.74.18.91
54.85.189.129
64.158.223.137
69.173.144.138
69.173.144.165
74.125.206.156
77.243.60.138
89.207.16.204
00fcc121a0131da06dc33324f29cfa410ca28d6e66b8f860dffd374e4ee42691
0385ee74ecfb95851591d855ebe9ce33585c9e2521b333105b1177813700c300
067dadb7ed931f4736424b158ee429654219d6574e2d366d0ee1b53a6d286ed5
0cb298d1e256055ad78800456488e9e871331f8c31234b07a2cc151f11de98bd
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f1f1b9126fa2422f0734e32f4bf421ef0e77099fbc5d90df07dc50ea13c99d
12b660e506cc268af796b97ef1a190eca0bff45c8d5403dc2279752aedd9f737
15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970
15b1a78f02470add6d2b91cefc46f3d1f7da2ce52b85ecb960c8f913e8685874
161e00efbaad513d5052b7da4da60f2494e2dd85d0a9435153ce3a8e8744a290
1791fe6b97889b4f9145120a59510259f87aa0bd825f73a8b5f207286fa9f382
1b6f61f4ebb5e24847a888e25a4612a502bb05bca3a8c0899dd7ac41fd09dfe7
1d6d0d54103b01d34d20c4ccbb3876fd9425f2a93b960d7ddccfc2a1f3860b90
21c1109a2d388102dd8a7f1bd4ca52a72b3580c0d4954604223670a4dee14d04
2401ba04172df8d8d08948f32b9d7eeccd145eafa3888a24412a1f71981c37ba
243ee9d9bf3d31bf74d4bab58dc2b5f6a804a3bcbaf8b6391884038daf7f074c
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
2641b1324c41098791d1e2bff0f7992c69ff38800f3c0a24fc8a1efe7527207f
272b9ff60113bccbe6ae7a3bbfb5656ef98a1c0364639ed13e598c1cdaacb37c
27c20f637413e9f7e87a546ed1489058a4ad21536cdd396e78ae0fdc3ddc9573
2a5e33ede4874ab2f932af0a3274d5f7390185ebc4989cbf09fb619b77326fb9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
32d9b61f6fb6077c437beb41978e340b70a9ac050612be1c65c78ca3f988a094
34b6437e371274f0a9d954c7cd17cf107116f12167f73c333bd7a5d86e285b84
352eeb469764e58c4b87d168bc9c9fe4fd33c3e2ce387e7aacfa4194ce214a95
36e94427604f03321db6b23d1ae9503c64a0af0fa3bd86419f1e30e0c864777d
3830576688c934387874b8279e3d29cfd18eb4c2193e82d30504c8e0f4ca70a1
3d209a92b081d2cd1f18845c4020272672fdc71cca96edafcf8cbf15368343b4
3dd1daff42a33e9e58f5fdb10d685ee6538b20499309c79e069e083da1e3bac3
3efd2c8730892141933f08508d4fa13bae24f7b5788f7480c6dc6cd0d7617320
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
4415a92e2478a9fa45c84f12d1b7d1c0a011e6f7bc53ca52d5cde89b69ac5d07
45337a208a34e3a2a68bd8813c2e79631938d5b68292ca8d29688ee7240fe13d
4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4
46787dd8637d6a3eb90accc10852bfbcec47e4509d0e8be42535e007d253c78b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49cb91c4f1144347a19ee071b30fa8ca705d8ff05187984935c678bac2a9c546
4abe59cc07bbf43797dc654884614277d038f8a4777e87f79b75147f3e7838ca
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c80141c848fcc5d3c9a281bdadf72485c082b6128bca14177ebe42cd8a58290
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e96a42492bf53f25ff9d2558ed3bae209f12d98a854504ca4e8b6b0a27eb292
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55ae96d91a814acb7394212150bc6bebb03b980ad31e2a1d2e1de67bcce7a76e
55caba448a7376729835630a7294d01f2067d79ff6a6dcecb0b669b60146bed7
596765570327943efb436c45c32fd36e6754f211f1fda787bfc3ecdc7a8d3730
59c2bd8c9d17d40e7119100dba656e402c7a3b326d9fc2441133f93f3c53dcfa
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5f22c75ea3d26a7ca021bac74aa01a905506f8a9bd98cb3a0ea9b7c713ce4cf9
60294b5611f2b1ecf1dbddd7b2ba9e508d91ac967d854be350e3637ce1b70753
6093cd86a9cc3e8039eff9db3b4f2f69c7d068072b954f61f8e59ec65bf4b790
615f8227f700d8ec8b094cfb18dbe36305d69201a1a962fc7cefc8d389ae96ec
6318a0e68ef34c21191bf2f95328f92a8f6a1d552e5975c5e615eff02708b3d4
6397537629c9ceb8b5805c48903d45fe49d7e37ea264addaa0afb6b202d1717a
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64699e0cc63a06e8530061f73cf7cf46628e2b5d15a5c7d963715a4b888d70aa
65acd190391b0765bdb06b4cdc03bcf9cbcc84eb5a51cf8506892ad007c5cd71
66b0dfe940bb442336b8b90a52f8d3e3a4777ab553722b88e872bb2ea096833f
68d318ef519ff4d4d3fe936eecd0425c15b9c98cb10d200bd99d11596f6936f1
6a3d613dc50386619926a3ce31e7fb92667f215ee344ef27c87515644ac0b247
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c1c98161c0fd09df54cf43c2c73a42833098e8b7a20bc61a4fbb8acc60fdbec
6d21c60a7e3375728eb2a426cfe86bb65a41a212271629ae4f012ea123a1399c
7044952a4acccc696f4319c86ec36afcbd30661f145dc5d734d74dd7284cea60
70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6
738326fab9c514e02c0abf21120e21ea15f8d9f6497e9e43ceb43b6b15c14b76
76ed7d66e600ad772932b2893edeb415404b42a3623c0f62341972eead1a8781
789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c6cd29774590acdd0a633f80a889767f001e72bfac8d5287bf0b0722740a01f
7cc2cc9235c415e0a3726208c1d7ffffebd26366170b1a9139bb4defe8fc49b5
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb
7d2b5759bc299a346bb043f1ffcf1150720eceb68431806c55f712f5916620a5
80cdb9f6085bbb40a9fd7dc0cc84aeddbe40061758a5d1d591fb135475f967ce
81a04a14625e1b4672447f98f61ae3addebd02775892619555989462acab6970
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8788869e13940313cd68534156d17f8fb40cca6d7efc531cc39089ef290654db
878de6ff490fb5c78e111c5ed8be00c71cd31b1d4cfcfb82ed27222d26e2212b
8974838b6ac4bad22c5a299bd6edd54c35f2ad45010c9fb4c6a887300ffc6c4f
89ac60a2114b9864a68cdafca462262554112721fea46044d8955c24e98ecdd0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3a13ab242ef1164ac74ef88ee501218cc2244bef7d351bd5d3b23c7bd23f73
90c3b7a05fde380bbfd62784e4cd642c500f7dd917b21c960f7a8a024ef3f9a2
91092876a5a7a6625eaff0579006208afbe10b9178c664726e613557f090ecd1
915af12f9d267bdf12e3544cb2d29947a673d85c591aaa00629762a1291445e4
9253a69aeeb9c415d101c27669f1d1daf6be673d54aa3318c1dba05623bb4e54
93129747c97acf49989a5bc6491a96e4b8a3f05c4351ae75ca02eeaf120deda1
932b69b485b9ab610183efefa65041d281bc489d14d91df150252ed2f84a5e60
93715f4d3435f7b1b30fee7eeaca9f487359f6c9ae970fe790fdb02db2372c0d
93f696a682e48dd948ea67bb8e91a5ad2f8cd8127281ee2c808e062132741d14
949b5261ee4dfc79ef78ea4326513d9a57612d10eece2f8047dd1c1c69b489fb
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99643bd78340e8d59e30132717cb5c837f8610e2b766c49b33385d4ed6235de0
9c7fcb1fa705fa40278333a8b3834c06af49fa8cc2245051c6d6629b5e7a56a0
9cb5a4eb74c3c68f92e2d3726604c83c43dd65b8a0a63ea218f805257e2b5f02
9dd5b77d60f71a9ae346785995d2f5a7c51e5dd3719a5840d47d397ef18628fe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2793d1a660bda4351409a5ec734f590b0e1bf8c678e2a8a052195f079899b51
a2a24924de8430c1e2b8d4ea1fd64d5c9da6a99a492c42f4a38b0ac03a2b843c
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a57834c9a7978711d3d27a53b13e2a46548deee1685fb2e4a5561f256a2fcd91
a5f58f6b3d0c3ffdc15315e5eb1309fe70cf97091e7dd619c2e67a477a32eb0a
a8b1c9fd568598f6ddbf5ec91503f98a1a956915aca330b4024082e01d39bc24
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad67297ca4181b7c0511a967b822d52be8b1e33c7f40ffdfe7c318c9f0fbdb7e
af56a504331fa3510b185436f7a50c56099fc4bdaa23181f2e070d66a9320309
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b58400b375d1e71bfb7cecdf1975689960feb967d7d626139c6a9ee99dee1861
b688b7d8c9a306ac5fc64ab06561ca04693e1c5d0ea9877a4c853581d04971ea
b7342a3d85e053fea673fb2f2976b79dda7baad055c790cbe9b5f9ca4725ffe5
ba3cbfd45966dd061267874e13edc5fbf0e63390f28b5cfd514357e236f71694
ba84a0f2529e6941e849c5e5a1c560770faa15fc4c5019673ed20962a04f9bb5
bc413f27ac2d1ebcd96c9cb306a62c5930fff67feeb573cfb0a39b211e4cc3b7
bd70c4ce4d2a8b7991b756fbe0357feb7c6d197e5fd158e9247c605ce3c09ab7
c1c6c18e564c90badd969953bdbc7c5297fdca53dd3eff7f50a6ee69c24b042e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c43de6ddb2667a5c9e75cb281475854a83bd69c22d9774c21a2c866106e9c717
c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586
c64b2ccfb746efbba60020224db7d57ac9d091ec6615fb2163ae3764fbd477b4
c64cafe43d3208b81945ee51b231f94555024d8bedeb47437ec5b7010ff50e04
c9b3ffe2cc96c9b61e78a4acb5788c87c5c452690bdfb86621c02d3c39448d17
ca3a564b2e340347beac82d19c453636da156d26e84f5034ff07262510fe556c
cccc6e1e022fa197be37d1c4bd77b74f628d6b65999ae433081c44a6dc196c8e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe0ee1eb8a8e72dbf41439470e4afeaec59aa8f41477d4d451ea8b742ae0189
d5d6f7d401602582fab03c534c0d7aa5e81aea930f886f7083adf1bc9ce4d4b3
d9f47c0dba6fafb77ac893ba6152e4f8afe82690768d5104bb4f5d31c49f8b83
dacee2792ff941c22155009a87fc2714e42681bcd94e03da23e02d90ae91c7d3
db21d4df04ee1f7dd99f5c264f41e5e09912fdb5dba405d0b2c1b1f40ef1c68a
db7a9a33fa177f8c35882b37fc21f72160509ce720c79637700c2b623cb46837
db804a7265adb15818011a82c75949956e5b13e2bf596495bee582ae7c6e9ef8
dd393e72537ab250b67f90dd14a5ac765e5906835722883b15a2d729ea9027f6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e319b9b16255038ec558a7569a8ba8ea7daa885ed73fd0d6eba7e183f9258167
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7e29ed58fd2265f7ca6db7e1e4070fb1922788d520af458da24684915d19f3a
e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba
e9da57b3c9e762104430469257e79b2f875be1b9d7c75876aba5c6fc4f578e75
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f1281f57d96af87f795e9bc085aa12b3d7fcf35f045ef72f90014c98496d629b
f245d6d61009a3b1a6ec4612c40b68c55f5db5f491bcdd749b0c5a8a6a42cc80
f29abc737917103e1a1cb43565608f684c2a4e4476b343b79cfeaece72809502
f4794cf7673eb8cfa769bea7abad324e13c48b03d3b5e6bb9106f1251a6254a0
f4eef949e9588715bfa17f70d4e6e805cdddbb0bf551bd520af98856f982e456
f64b93491aaac72855e932e7a1225047d4f4328689ecb53ab4d1dd4ee1e24148
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f75d8405eecab9e2011183280da1f264af19137659bc8d5e6d926af99a991962
f80bd360630795d3fb42791688fafa9b55a40165c2c50e9a0fd8b0c29c0b29d1
f8e5a1dc315af48015053b6cc6f372181f8a0d09f6a8b59c00a9c93faf2d36db
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe4348eaa2a357ccc3a9043c01635b6bd617044116d50d8fbc8c46e9ac57d2c2
fe746d83998e1240839c0bc23a41e1d7b874d3c5da578463a6136193a6ba8eb5
ffb83dc01740458a3d9908ce1f67e849ec1db1bf0e36e028ae40de7f400ba59d

www.sandssurprise.com Open in urlscan Pro 13.226.155.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

329 Requests

96 %HTTPS

24 %IPv6

90 Domains

127 Subdomains

82 IPs

8 Countries

5926 kBTransfer

12961 kBSize

1 Cookies

14 Outgoing links

Page URL History

Redirected requests

329 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sandssurprise.com Open in urlscan Pro
13.226.155.38 Public Scan

Screenshot
Live screenshot

Full Image

329
Requests

96 %
HTTPS

24 %
IPv6

90
Domains

127
Subdomains

82
IPs

8
Countries

5926 kB
Transfer

12961 kB
Size

1
Cookies

329 HTTP transactions
2 data transactions