am590theanswer.com Open in urlscan Pro
2606:4700:20::681a:e4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://590ktie.com/
Effective URL:
https://am590theanswer.com/
Submission: On August 02 via api (August 2nd 2021, 3:48:22 am UTC) from US

Summary HTTP 169 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 54 IPs in 6 countries across 44 domains to perform 169 HTTP transactions. The main IP is 2606:4700:20::681a:e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is am590theanswer.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2021. Valid for: a year.

This is the only time am590theanswer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::681a:1e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
5	52.239.154.36 52.239.154.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
38	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
1	143.204.98.113 143.204.98.113	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2 19	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:20a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	31.12.71.114 31.12.71.114	202708 (RNGROUP) (RNGROUP)
1	143.204.98.69 143.204.98.69	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
2 4	2606:4700::68... 2606:4700::6812:1c31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.89.90.136 52.89.90.136	16509 (AMAZON-02) (AMAZON-02)
4	18.209.200.15 18.209.200.15	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
16 22	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4232:5c22:542e:b1d3:5f9	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	3.8.243.222 3.8.243.222	16509 (AMAZON-02) (AMAZON-02)
1 1	18.194.175.178 18.194.175.178	16509 (AMAZON-02) (AMAZON-02)
2	13.224.96.41 13.224.96.41	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	3.223.82.72 3.223.82.72	14618 (AMAZON-AES) (AMAZON-AES)
1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
169	54

1 2606:4700:3033::6815:a19 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

590ktie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:1e4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.am590theanswer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:e4 (United States)

ASN13335 (CLOUDFLARENET, US)

am590theanswer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.239.154.36 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

simorigin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cdn.saleminteractivemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-113.fra50.r.cloudfront.net

campaign.aptivada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:20a (United States)

ASN13335 (CLOUDFLARENET, US)

salemlivechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

content.cdn.targetspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.12.71.114 (New York, United States)

ASN202708 (RNGROUP, BE)

node.targetspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net

cdn2.aptivada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

media.townhall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.swncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:1c31 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

hotair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.89.90.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-90-136.us-west-2.compute.amazonaws.com

aptivada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.209.200.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-200-15.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

191c58df206ff722dcc1857f628bfe18.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 169.50.137.190 (United States) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:5c22:542e:b1d3:5f9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.8.243.222 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-243-222.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.175.178 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-41.zrh50.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.82.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-82-72.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.36 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	saleminteractivemedia.com cdn.saleminteractivemedia.com	2 MB
25	doubleclick.net 5 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	176 KB
24	googlesyndication.com 191c58df206ff722dcc1857f628bfe18.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	560 KB
24	simpli.fi 16 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	14 KB
7	googletagservices.com www.googletagservices.com	251 KB
7	google.com 1 redirects www.google.com adservice.google.com	829 B
5	gstatic.com fonts.gstatic.com	85 KB
5	windows.net simorigin.blob.core.windows.net	315 KB
4	facebook.com 1 redirects www.facebook.com	365 B
4	postrelease.com jadserve.postrelease.com	3 KB
4	hotair.com 2 redirects hotair.com	54 KB
4	facebook.net connect.facebook.net	167 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	aptivada.com campaign.aptivada.com cdn2.aptivada.com aptivada.com	45 KB
3	am590theanswer.com 1 redirects www.am590theanswer.com am590theanswer.com	16 KB
2	openx.net 1 redirects us-u.openx.net	482 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	968 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	pro-market.net 2 redirects fei.pro-market.net	853 B
2	intentiq.com sync.intentiq.com
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	959 B
2	tapad.com 1 redirects pixel.tapad.com	887 B
2	moatads.com z.moatads.com s-jsonp.moatads.com	55 KB
2	townhall.com media.townhall.com	132 KB
2	targetspot.com content.cdn.targetspot.com node.targetspot.com	1 KB
2	google.de www.google.de	171 B
2	googletagmanager.com www.googletagmanager.com	67 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
2	jsdelivr.net cdn.jsdelivr.net	10 KB
1	rubiconproject.com pixel.rubiconproject.com	773 B
1	googleadservices.com 1 redirects www.googleadservices.com	308 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	bluekai.com stags.bluekai.com	603 B
1	bfmio.com sync.bfmio.com	421 B
1	exelator.com loadm.exelator.com	324 B
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	google.ch adservice.google.ch	165 B
1	swncdn.com content.swncdn.com	48 KB
1	salemlivechat.com salemlivechat.com	43 KB
1	ntv.io s.ntv.io	108 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	590ktie.com 1 redirects 590ktie.com	784 B
169	44

	Domain	Requested by
38	cdn.saleminteractivemedia.com	am590theanswer.com cdn.saleminteractivemedia.com tpc.googlesyndication.com
22	um.simpli.fi	16 redirects
19	securepubads.g.doubleclick.net	2 redirects am590theanswer.com securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
7	www.googletagservices.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	www.google.com	1 redirects am590theanswer.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	fonts.gstatic.com	fonts.googleapis.com
5	simorigin.blob.core.windows.net	am590theanswer.com
4	www.facebook.com	1 redirects am590theanswer.com connect.facebook.net
4	jadserve.postrelease.com	s.ntv.io am590theanswer.com
4	hotair.com	2 redirects am590theanswer.com
4	connect.facebook.net	simorigin.blob.core.windows.net am590theanswer.com connect.facebook.net
4	www.google-analytics.com	am590theanswer.com www.google-analytics.com
3	stats.g.doubleclick.net	www.google-analytics.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	ce.lijit.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com
2	pixel.tapad.com	1 redirects
2	aptivada.com	campaign.aptivada.com
2	media.townhall.com	am590theanswer.com
2	www.google.de	am590theanswer.com
2	www.googletagmanager.com	am590theanswer.com
2	maxcdn.bootstrapcdn.com	am590theanswer.com maxcdn.bootstrapcdn.com
2	cdn.jsdelivr.net	am590theanswer.com
2	am590theanswer.com	simorigin.blob.core.windows.net
1	pixel.rubiconproject.com
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	stags.bluekai.com
1	sync.bfmio.com
1	loadm.exelator.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	i.simpli.fi	tag.simpli.fi
1	s-jsonp.moatads.com	am590theanswer.com
1	z.moatads.com	s.ntv.io
1	191c58df206ff722dcc1857f628bfe18.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	content.swncdn.com	am590theanswer.com
1	cdn2.aptivada.com	am590theanswer.com
1	node.targetspot.com	content.cdn.targetspot.com
1	content.cdn.targetspot.com	am590theanswer.com
1	salemlivechat.com	am590theanswer.com
1	s.ntv.io	am590theanswer.com
1	campaign.aptivada.com	am590theanswer.com
1	tag.simpli.fi	am590theanswer.com
1	fonts.googleapis.com	am590theanswer.com
1	www.am590theanswer.com	1 redirects
1	590ktie.com	1 redirects
169	58

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
tunein.com
app.radio.com
www.pe.com
player.listenlive.co
townhall.com
hotair.com
salemmedia.com
cdn.saleminteractivemedia.com
publicfiles.fcc.gov
ktie.christianjobs.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-09` - `2022-07-08`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-05-19` - `2022-05-19`	a year	crt.sh
cdn.saleminteractivemedia.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-16` - `2022-04-16`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
campaign.aptivada.com Amazon	`2021-07-09` - `2022-08-07`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.cdn.targetspot.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-16` - `2021-09-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.targetspot.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-09` - `2022-04-09`	a year	crt.sh
*.aptivada.com Amazon	`2021-03-06` - `2022-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.townhall.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-02-20`	a year	crt.sh
*.swncdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2022-04-14`	2 years	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.google.ch GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2021-04-04` - `2022-05-03`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://am590theanswer.com/
Frame ID: 78CEC174021DE0C898B3BC0015D3379C
Requests: 117 HTTP requests in this frame

Frame: https://aptivada.com/promo/info.php?widget_id=546&widget_type=widget&app_type=&environment=external
Frame ID: D7B5729057966793F50CA839D6028A74
Requests: 1 HTTP requests in this frame

Frame: https://aptivada.com/promo/info.php?widget_id=652&widget_type=widget&app_type=&environment=external
Frame ID: F71E1E52A8E451477B1EC6103320F4F0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: 05DCFA25F34F99F7F00C7A5626B1BDFD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: D5A84395062862D320921E08ECDDA52C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: A378CD3AB9C3EA2D33599FEBBF4C1335
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: B949F92DDBB19017E5EEE536A67DF2D8
Requests: 1 HTTP requests in this frame

Frame: https://191c58df206ff722dcc1857f628bfe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3D9B75AFAA41CC09EF20B5CCD2009CC0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstd39BUFBciKTiSbIU0IjF7R2wlgTmu2DjImtHQaPE0Hud1nWlcZsUaoqLJLaFWIfBXOD1JVGG-_0qGtAlYErSHPJTq7O4DVGzOun7iNAtP1PYVFO3SF02GB_Cx2sjomkXEWU9ZJN453Rdew3w6-u_U8i1pD2mFWij6F4xHGKNMyc6Tt-LYVJm13HzErXlZ4OGVNm5uIbzqwg3RDAswf-H4e98MjSfeImz8sRiE94sL6Ne-IxpUM5kL75n73JVhi6xOLuS0aHnBakYNSH9yzAq3EPaa8i2rzdarXJ27MmJ1kk1jXyode2yEvw&sai=AMfl-YR6f8TOv4aInH7-swpMVTyeIVg_p-khc2VrmdQ3p_HnpAucD30VYnQLaEqc198eloO8l67qYrEeDLAYne3wtz3DSZZO0ISSkQzQwRIgEoNEYkSN_E5AssLfuFolC5E&sig=Cg0ArKJSzP5HO28C8WuXEAE&adurl=
Frame ID: A2F9DBA978B8C038DF9F916C43D52A62
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPZPG5iLMgXhPO13CMhLPDvjRt8YdXvduq52uJdPfSWbbz_iqIHCzihX_t6T10Dg7XxSTZFOpkp8va8zCDAjxHOEEXBgxUh94ZpPfwB1dWuBZ7Yug4XFKuX2zXMl7A3FJpyEx0S5ghkWhH7EGyrzf2GSZbg7uAr1DUfFe-rHAF9Wreh92S1CIsS2kbdrLicJSHZ_ADZyhioaq2kKzfTMPyrfhDh3UP-43ivGzinAkqbqgVVAeVJT16SZzaSLqBZHJKKO1IHC_H4U1lA9QwgI7JjJHvJNLQquZnbmNZ1bzvCC6VlablXMuzoA&sai=AMfl-YR6_3ff_HUs7XrYWJFyrgrWB8qn6bCdBYdSsG4WSHUOzIR7HqDK-Jf6biIwR2TLgSsez9Um5J7tvdaagZapcg5IlsFdh22722HJ341sIctl-3_e8tmdC1jgyH6OEYU&sig=Cg0ArKJSzH9pVkA5tw4kEAE&adurl=
Frame ID: E44017F043E40AA5F515D4A484A379B5
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbEtjKNwdqEikubNjIbismz0DRkSKWzfgsluGyrimILs9tFfZwgIr81sYL6PNPb4M9jETS302KyhNjMa302BvrAYEmIiVJ0M4HaNuA7Egb30pQBSdqM9UTz7QsgfwDXGoc7tICJbUFxq59WmTc3-UPajgTIKBYpYLWKUw1swanM-3vuiQ7E1HQzXBBKDeN9czJolvA-Xv0XoLOdIxDM1kley6hUiBHdPHjfOcLsVuZcGjDNQg0bSsOpyqFS-4i7b_gbei5yLVY268VtZvdUKdPSvLtwRPuSJZBACu60pjFD3dcyRdisQ&sai=AMfl-YRk8X3SWhuFcDYQ9baKtexVbbpEUJ71qCsPspgVDoAqARg4ghjXw4quhNWaIbpcx24bLxwPK5a_MSWVHbZ9_88h4Cy0jCKFodwSqgzEFT5tJ7XGyZbgmeodtPyphmE&sig=Cg0ArKJSzGnG8AKMzegKEAE&adurl=
Frame ID: 8BAB7E3E27B4414841E8CCD1D35A0149
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60138E3D2ADB82400BEA486F1DEEC1AE
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AEA4F71A3EA9FCC5104CD9A8215D9F7F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAuZXFrcFQDOJEr9Rfgp3E-Z4TbGrXA81gSMXl4SEhhGFuxT-oXrWkSY-4aWy4lTP081Uwbj2PBemc7DgyKNbVZz_rQ_zDBnKcBaPmpjjTD_KCugVMSY50y6L6WT3d4IT29ccWLg2M7AHWBlUfBvFI09qnG41hLdCoxV9lvGjrepZqmBWntKxtRuyrDi_Z6-HWCbZu4MaY0M3yK5UFNRiPFidxkwcRJJYvMeAJTM1Ho1YPPZK3o8GZomVFPSNPbjb-2OxBthqwTrXw1V1Tt7p8qCKHpQcJBl_84ouScvKun_fNFHHpX_cv0A&sai=AMfl-YR4yQKRKDBLUg7IiUG_jIAikznEk2bfnvHrXQg4vvuhpedGbKkaqiHnOFYfJiMKcXOpNckQNC_NLel6fQW3bPyhFQ556cPiS953s1wjFf_HJxcfsygEQcpFhkkep0U&sig=Cg0ArKJSzFQ8GEtrTmhxEAE&adurl=
Frame ID: A31771BC35336361368F75250E4190CE
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df157a6756386ef8%2526domain%253Dam590theanswer.com%2526origin%253Dhttps%25253A%25252F%25252Fam590theanswer.com%25252Ff19e84500a48ad%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fktie590am%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
Frame ID: B182A7ED6EE9CD08E9C9ABFAE0C7822D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 61C3BD819FFD640170305287837BA59B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F04882C0529A7176AC939A6D803662E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://590ktie.com/ HTTP 301
http://www.am590theanswer.com/ HTTP 301
https://am590theanswer.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

169
Requests

100 %
HTTPS

52 %
IPv6

44
Domains

58
Subdomains

54
IPs

6
Countries

4167 kB
Transfer

6606 kB
Size

9
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ktie590am
Title: Find us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/am590theanswer
Title: Find us on Twitter

Search URL Search Domain Scan URL

URL: https://tunein.com/radio/KTIE-590-s35033
Title: Find us on TuneIn

Search URL Search Domain Scan URL

URL: https://app.radio.com/download-KTIE-AM
Title: Find us on Audacy

Search URL Search Domain Scan URL

URL: https://www.pe.com/2021/08/01/sehdaresthedevil-wins-clement-l-hirsch-stakes-at-del-mar/
Title: Shedaresthedevil wins Clement L. Hirsch Stakes at Del Mar

Search URL Search Domain Scan URL

URL: http://player.listenlive.co/56981

Search URL Search Domain Scan URL

URL: https://townhall.com/tipsheet//rebeccadowns/2021/08/01/prolifers-from-all-walks-of-life-are-unified-in-support-for-overturning-roe-n2593440

Search URL Search Domain Scan URL

URL: https://townhall.com/tipsheet//rebeccadowns/2021/08/01/terry-mcauliffe-the-source-of-lies-that-just-wont-die-n2593437

Search URL Search Domain Scan URL

URL: https://hotair.com/archives/ed-morrissey/2021/04/07/white-house-come-tax-hikes/

Search URL Search Domain Scan URL

URL: https://hotair.com/archives/john-s-2/2021/04/07/new-details-alleged-groping-gov-cuomo/

Search URL Search Domain Scan URL

URL: https://salemmedia.com/ccpa-sale-opt-out
Title: California - Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://salemmedia.com/salem-radio-stations-ccpa-privacy-notice-for-california-residents/
Title: California - CCPA Notice

Search URL Search Domain Scan URL

URL: https://salemmedia.com/privacy-policy-for-salem-media-group-radio-stations/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cdn.saleminteractivemedia.com/shared/docs/terms-of-use.pdf
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://cdn.saleminteractivemedia.com/217/media/eeo.pdf?t=2021-08-02T03:47:56
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/am-profile/ktie
Title: FCC Online Public File

Search URL Search Domain Scan URL

URL: https://ktie.christianjobs.com/
Title: Christian Jobs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://590ktie.com/ HTTP 301
http://www.am590theanswer.com/ HTTP 301
https://am590theanswer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://hotair.com/wp/wp-content/uploads/2021/03/jm-1.jpeg HTTP 301
https://hotair.com/wp-content/uploads/2021/03/jm-1.jpeg

Request Chain 65

https://hotair.com/wp/wp-content/uploads/2021/04/Cuomo.jpg HTTP 301
https://hotair.com/wp-content/uploads/2021/04/Cuomo.jpg

Request Chain 129

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLPSmUjVu2Ye6cubODIYrZhGezazMBO-TtQQJ1-boMocFtaEgOQ6RR7_HLuGgn8rGx5_IhRv4KSVf8hmIgRJ_IhXCT8YuhdffPEhe9M95lT8ByB0NYb77o9M5sfGKwDLSjfxkz2N51-BWWTQpdxvzVFNf4CtC7X6BD39_hOJcF-alJ2O4mct_l06UJqjqwpt1473pSp-jmrCE8JXEJiIzyfybJtdC9pjjAm83EJFmW4IkmHLTx5khJIOJhm21T_EQBwY7dx7nhb-oqAmp0Gy5B2nKCApvAfwwhZkGMwMGuX2zUG1joueVGHw&sai=AMfl-YSmr9mDuPZxd4FdAs2ut67ulQx9n9qI0bYQwQjYbPb8Fvql3BgcfG2gHBh0ICLOs4eYHOPS3IrOD0tzbZdrxiCdu_y4ha1Z5GmddJ9XBBdcV8dPd6H8q6WjYg89nD4&sig=Cg0ArKJSzIlECyKCTx8BEAE&urlfix=1&adurl=https://cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/newstalk-dinesh-dsouza-300x600-1-13-2021.jpg HTTP 302
https://cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/newstalk-dinesh-dsouza-300x600-1-13-2021.jpg

Request Chain 132

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7OgJSV6-S0PmQ9vN6v3oUepzfQeghQXy_3V5D_1oR3eZ_W7psdn3_lDbjjgUaKQcUHgRbICBCrOV-0LfZVPtF0Iv4P4VtPZfwgDFlhiNg7M4ahyiFk-GrW5jc0Nkqc3UyMZCuV09yk6u2GtNeYH3pNa5ojiPh2TdQ0OBUHwprYk4g_eTB1Pqb03zZYM54HjCCiHMdVWsr8YRI35gomLvgfcWR45etYr__vn-jFaSfAjFERowPHSOp9EjIDSImLEpHe5h7eiS6HwNsYWWBwVTJ3h9PHwxdfSGdFvDRuBMAZItNeXr7zGcWNw&sai=AMfl-YQrJkrhfyhgUQS6gUNW3sC__Ssv5SKr4oemxcmaJfZUJ6URlkbCA9RxTGUz0poXAp-auIlH_NQ5W-UWbXCGhjs6-jLK6FbCegvVa1BJV3kXXpHyz_S-yfJt58Vlx7I&sig=Cg0ArKJSzMyzxdPGauPUEAE&urlfix=1&adurl=https://cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/newstalk-dinesh-dsouza-300x300-1-13-2021.jpg HTTP 302
https://cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/newstalk-dinesh-dsouza-300x300-1-13-2021.jpg

Request Chain 144

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157a6756386ef8%26domain%3Dam590theanswer.com%26origin%3Dhttps%253A%252F%252Fam590theanswer.com%252Ff19e84500a48ad%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fktie590am%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&width=500 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df157a6756386ef8%2526domain%253Dam590theanswer.com%2526origin%253Dhttps%25253A%25252F%25252Fam590theanswer.com%25252Ff19e84500a48ad%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fktie590am%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500

Request Chain 147

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=9EB82C6CD2D7443C859622419ED6F19C

Request Chain 148

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=9EB82C6CD2D7443C859622419ED6F19C HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9EB82C6CD2D7443C859622419ED6F19C

Request Chain 149

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=9EB82C6CD2D7443C859622419ED6F19C HTTP 302
https://d.agkn.com/pixel/10751/?che=1627876078&ip=37.120.137.5&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164890203866000018908 HTTP 302
https://um.simpli.fi/aa_px?sk=164890203866000018908

Request Chain 151

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9EB82C6CD2D7443C859622419ED6F19C

Request Chain 154

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=9EB82C6CD2D7443C859622419ED6F19C;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=9EB82C6CD2D7443C859622419ED6F19C;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=8159760360780221387

Request Chain 155

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=9EB82C6CD2D7443C859622419ED6F19C&j=0

Request Chain 157

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=9EB82C6CD2D7443C859622419ED6F19C

Request Chain 158

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=9EB82C6CD2D7443C859622419ED6F19C

Request Chain 159

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=9EB82C6CD2D7443C859622419ED6F19C HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9EB82C6CD2D7443C859622419ED6F19C

Request Chain 160

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=9EB82C6CD2D7443C859622419ED6F19C HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=9EB82C6CD2D7443C859622419ED6F19C&dnr=1

Request Chain 161

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=9EB82C6CD2D7443C859622419ED6F19C

Request Chain 162

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1627876078078&cv=7&fst=1627876078078&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=201855669&cv=7&fst=1627876078078&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7moHYfOeB8WS3gO_6YTwDg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=201855669&cv=7&fst=1627876078078&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7moHYfOeB8WS3gO_6YTwDg&cid=CAQSKQCNIrLMFGgpZpcPV4OkUzWcqPtGeaM8zxfyQ3V3UDD8Fhpf0jKp3B6E&random=2999366536 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=201855669&cv=7&fst=1627876078078&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7moHYfOeB8WS3gO_6YTwDg&cid=CAQSKQCNIrLMFGgpZpcPV4OkUzWcqPtGeaM8zxfyQ3V3UDD8Fhpf0jKp3B6E&random=2999366536&ipr=y

Request Chain 163

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=9EB82C6CD2D7443C859622419ED6F19C HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=9EB82C6CD2D7443C859622419ED6F19C&__user_check__=1&sync_id=6d638332-f344-11eb-872a-16821cb20406

Request Chain 164

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=9EB82C6CD2D7443C859622419ED6F19C HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9EB82C6CD2D7443C859622419ED6F19C

Request Chain 165

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9EB82C6CD2D7443C859622419ED6F19C&expires=365

Request Chain 166

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=9EB82C6CD2D7443C859622419ED6F19C HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=9EB82C6CD2D7443C859622419ED6F19C

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEEfNy0mZKuPv8Y8hT8eQcYY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9EB82C6CD2D7443C859622419ED6F19C HTTP 302
https://um.simpli.fi/g_match?id=

169 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
am590theanswer.com/
Redirect Chain

http://590ktie.com/
http://www.am590theanswer.com/
https://am590theanswer.com/

74 KB
14 KB

305ms
271ms

Document
text/html

2606:4700:20::681a:e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f7fcbbcf38797877a8f0c9c7dcf7b8fee05357080d4409c26eb299fa2cec46b

Security Headers

Name	Value
Content-Security-Policy	default-src https: .sim-cms.net http://sdk.listenlive.co http://.streamtheworld.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com; media-src 'self' blob: data: https: http://.streamtheworld.com; worker-src blob: .sim-cms.net 'self'; font-src data: https://* 'self'
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: am590theanswer.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:53 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
request-context: appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6
access-control-expose-headers: Request-Context
arr-disable-session-affinity: true
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
permissions-policy: autoplay=(self)
content-security-policy: default-src https: *.sim-cms.net http://sdk.listenlive.co http://*.streamtheworld.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com; media-src 'self' blob: data: https: http://*.streamtheworld.com; worker-src blob: *.sim-cms.net 'self'; font-src data: https://* 'self'
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJM0e5o2OKIjuTP7vkdT32aD8jwExakU0gechfRBKnmgovpCHdpmmisEeb%2BWu3kVDk4%2FfODYjIUoLoMPOa4f8BMnZBA76ebAWc2tNaQsIXBkONcXoW8zwVjpp3MQHVZ0mSizZFMLYQa0%2FjPnqWaZ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 678453d20ff896f8-FRA
content-encoding: br

Redirect headers

Date: Mon, 02 Aug 2021 03:47:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 02 Aug 2021 04:47:53 GMT
Location: https://am590theanswer.com/
cf-request-id: 0ba692b71000000621acb51000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arHEhMc7YunPbSBIBnbdCaCXjwILr1zQyBIPCx7FYb9kGGY%2BoXPnxmYO5N9OFPOXIJdUsfqKFunzQSeYxbDQ1P1zHp39z5%2FpMgxVB%2BXKVYjLfeLf5sIRi%2Bf4p3q%2B5VYBBDF7na%2BOj%2BN9AmMZkIFX6RfUm%2Bg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 678453d1b8df0621-FRA

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4ace7eeb3cac9975d9805d2f953c9fb3379b8eaab5b1aca14f7a503b82da881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 03:47:53 GMT
server: ESF
date: Mon, 02 Aug 2021 03:47:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Aug 2021 03:47:53 GMT

GET
H2 200 smart-app-banner.css
cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/ 6 KB
2 KB 23ms
6ms Stylesheet
text/css 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.css

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6568273e9d257a19332421d7a519b3ae0f8a564e76aca9f603e848521f341db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 656318
x-jsd-version: 2.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1312
etag: W/"18e0-Q3YhhM4JpT5zqjU4KPdCD53yYoM"
x-served-by: cache-fra19152-FRA
x-jsd-version-type: version
date: Mon, 02 Aug 2021 03:47:53 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK head.c534311dbb6000c7ee0e.js Show response
simorigin.blob.core.windows.net/dist/static/js/ 2 KB
2 KB 523ms
111ms Script
application/x-javascript 52.239.154.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://simorigin.blob.core.windows.net/dist/static/js/head.c534311dbb6000c7ee0e.js
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.154.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e91e97f32c3d1deb87a6673c372437d179c6c8256ebcbc4db8722e6abdef52d8

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 02 Aug 2021 03:47:53 GMT
Last-Modified: Mon, 02 Aug 2021 03:34:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: SXb67709Jdg415caMLKF5w==
ETag: 0x8D955666A275D76
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 251b2e2e-c01e-0005-1051-87fcfc000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 1696

GET
H2 200 ntbase.css
cdn.saleminteractivemedia.com/dist/4d31b684/site-css/2019nt/ 190 KB
32 KB 2145ms
2074ms Stylesheet
text/css 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/4d31b684/site-css/2019nt/ntbase.css?hash=699e2e146d911037ae84
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b6c60b4cbfd369dc4f2171f61364679e512a012e0b9923b676ee05ee80a3072e

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:55 GMT
content-encoding: gzip
content-md5: b+E1qeOUSu5dqCQCf3i2Og==
x-ms-lease-status: unlocked
last-modified: Mon, 02 Aug 2021 03:34:20 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9556669DDBF6A
x-hw: 1627876073.dop126.fr8.t,1627876073.cds218.fr8.hn,1627876075.cds210.fr8.p
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7f9c25d9-001e-0013-0951-873d62000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 33ms
15ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://am590theanswer.com
Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 39045
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: dee20e6f78ac962f1899ad5bf7a2a66a
cf-ray: 678453d3d8f94e2b-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 a2fee930-b8b0-0136-d8da-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 140ms
70ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/a2fee930-b8b0-0136-d8da-06a9ed4ca31b

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

bee03ff2d8109861f8ef2a448b8c841538e03d83cd52a1cf9129d2f4d2f676e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 02 Aug 2021 03:47:54 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3101
x-request-id: FpdgqjU4Sp5HDbYEnR8h
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 widget.js Show response
campaign.aptivada.com/ 74 KB
14 KB 87ms
31ms Script
application/javascript 143.204.98.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/widget.js
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7bd13a245729dab7cc7ace97ba3c607cb93da725ed88220e7aaf4872a3361f8

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-version-id: o9GG6I.jKXJ6abttQnXcOgEEJ_3EW2zS
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:22:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"32c1e9f5d0a579d5fb62a0de1d07f579"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control: max-age=600
date: Mon, 02 Aug 2021 03:47:54 GMT
x-amz-cf-id: rg5Tb7_zmtWSJLHWsHqufQCjI8nrOrm0D7ulCilZYZO2ucSmv9CgfA==

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 368 KB
108 KB 142ms
60ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29658e011350f297e3c3fd2622df6d294d51f9250dfaf91f2f55bb758f0b0af6

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Mon, 02 Aug 2021 03:47:54 GMT
Content-Encoding: gzip
x-amz-request-id: 0Y72YWKWAV14AR10
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: mxtB0h05KDFCm2TBcsIm7f/Z8YAqipImdYr1Ylrfize41U3EHkgcaE9zHuztRb/M6tqXwt3/HJA=
Last-Modified: Thu, 29 Jul 2021 21:31:31 GMT
Server: AmazonS3
ETag: "42bdec7b0cdf8e087ee8c58776258f36"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
25 KB 77ms
29ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

d1bcd853240223d473ee232668b6c16924d2a7910f62f796cd2c03bb3879aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "946 / 580 of 1000 / last-modified: 1627683221"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24675
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:54 GMT

GET
H2 200 smart-app-banner.js Show response
cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/ 25 KB
9 KB 23ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.js

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1491113
x-jsd-version: 2.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8896
etag: W/"63df-zaXYbgdCCfJOt2MRbGfFxbMV9Dw"
x-served-by: cache-fra19152-FRA
x-jsd-version-type: version
date: Mon, 02 Aug 2021 03:47:53 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 invitation.ashx Show response
salemlivechat.com/scripts/ 126 KB
43 KB 600ms
573ms Script
text/javascript 2606:4700:20::681a:20a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://salemlivechat.com/scripts/invitation.ashx?company=ktieam
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:20a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: e8131429fa1cca4e679a6792f1b8168da3493fe8daa272baba01f54dacbfb2df

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: UrlRewriter.NET 2.0.0, ASP.NET
p3p: policyref="/w3c/p3p.xml",CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-length: 42929
x-ua-compatible: IE=edge
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Znc8lrxCO0hkX5B2smjZOAQwBQbOkGvQkvPWuIRXLCyTEZzH0g%2BY%2BOhVyTfNnYH4nx4Qp4YlstomxLRlgw8YVcjUiML1gb0dz9WVsmapTv1EopHqj7ZXry8N3r%2Bu9xz4y%2FY6OxPUsFy4QIRTVoq"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,no-transform
cf-ray: 678453dc5e6a4e97-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PHQZB5G

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42e93bc7503e47faa14f97adbff3ede04558868609a47681c3820df61e213e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33743
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:55 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
34 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK2R6Z2

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c62bfc7ff90c599f2bcf888ffdaf730b121537253bd6768972dfd1e008ba819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34566
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Aug 2021 03:47:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 681
date: Mon, 02 Aug 2021 03:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 02 Aug 2021 05:36:34 GMT

GET
H2 200 legacy-main.js Show response
cdn.saleminteractivemedia.com/shared/scripts/ 1 KB
671 B 23ms
22ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/scripts/legacy-main.js
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6d34b7c87a0fb79708d3f672f48dd9e2dd8c5d7244927c30e14fed0d117b7fa5

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:55 GMT
content-encoding: gzip
content-md5: hy56U2P8lFazHn6WtankiA==
content-length: 460
x-ms-lease-status: unlocked
last-modified: Mon, 22 Feb 2021 18:42:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8D761977E5A14
x-hw: 1627876075.dop126.fr8.t,1627876075.cds218.fr8.hn,1627876075.cds012.fr8.c
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4d64cc2e-d01e-0038-654b-0949da000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=17679530
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK vendor.b277c96ebd0153da4e7f.js Show response
simorigin.blob.core.windows.net/dist/static/js/ 107 KB
108 KB 442ms
116ms Script
application/x-javascript 52.239.154.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://simorigin.blob.core.windows.net/dist/static/js/vendor.b277c96ebd0153da4e7f.js
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.154.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b5a1c8b0ac1fd44b0b494bd51cbf0d303410e4ae2d7827b1059d9013e673dc7b

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 02 Aug 2021 03:47:53 GMT
Last-Modified: Mon, 02 Aug 2021 03:34:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Pv/GkQdecaOXfB0NhOUMYA==
ETag: 0x8D955666A2BA449
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: a048eee3-001e-0018-5851-872516000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 110031

GET
H/1.1 200
OK vendors~2018a-2018ccm-2019nt.2f73c59c5cb9263a48dd.js Show response
simorigin.blob.core.windows.net/dist/static/js/ 26 KB
26 KB 444ms
117ms Script
application/x-javascript 52.239.154.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://simorigin.blob.core.windows.net/dist/static/js/vendors~2018a-2018ccm-2019nt.2f73c59c5cb9263a48dd.js
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.154.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8e6a2d1bd8e2d064c2a4fda6cf9b91368d53448a8db00ec8f336419ce40dc1fb

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 02 Aug 2021 03:47:53 GMT
Last-Modified: Mon, 02 Aug 2021 03:34:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: TxBer17y+Bz6CToTP8JjSQ==
ETag: 0x8D955666A2B5612
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 24afa1e2-701e-0053-7751-87148c000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 26252

GET
H/1.1 200
OK 2018a-2018ccm-2019nt~2021nt~promotions2020~radiohost2020~surround~tuition2020.3d148ec958d956af7961.js Show response
simorigin.blob.core.windows.net/dist/static/js/ 43 KB
43 KB 447ms
115ms Script
application/x-javascript 52.239.154.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://simorigin.blob.core.windows.net/dist/static/js/2018a-2018ccm-2019nt~2021nt~promotions2020~radiohost2020~surround~tuition2020.3d148ec958d956af7961.js
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.154.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a70de6f7df22a25af4454d6d4add49c946e6200ce6bf9749821c4bbe1158c115

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 02 Aug 2021 03:47:53 GMT
Last-Modified: Mon, 02 Aug 2021 03:34:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Du0WTTHZNOciqhkd+oeC7A==
ETag: 0x8D955666A12229D
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 87f97aa2-801e-0046-2051-87d615000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 43722

GET
H/1.1 200
OK 2018a-2018ccm-2019nt.44a8a2c0513b19319295.js Show response
simorigin.blob.core.windows.net/dist/static/js/ 134 KB
135 KB 462ms
123ms Script
application/x-javascript 52.239.154.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://simorigin.blob.core.windows.net/dist/static/js/2018a-2018ccm-2019nt.44a8a2c0513b19319295.js
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.154.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5b3504e045223cbe5c46cb47f8ba6a1e58a4e6b94de84703fef6b0721c983a25

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 02 Aug 2021 03:47:53 GMT
Last-Modified: Mon, 02 Aug 2021 03:34:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Nd/cvVNzOcAF6OMpWYMCAQ==
ETag: 0x8D955666A0CA301
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 675a2568-f01e-0060-5b51-874da1000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 137357

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-404425-10&cid=1263304296.1627876076&jid=989965814&gjid=511756680&_gid=749469315.1627876076&_u=IGBAgEABAAAAAE~&z=1640999304

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 02 Aug 2021 03:47:55 GMT
content-type: text/plain
access-control-allow-origin: https://am590theanswer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 26ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1719581698&t=pageview&_s=1&dl=https%3A%2F%2Fam590theanswer.com%2F&ul=en-us&de=UTF-8&dt=AM%20590%20The%20ANSWER%20%7C%20AM%20590%20The%20ANSWER%20-%20Inland%20Empire%2C%20CA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAAEABAAAAAG~&jid=922332419&gjid=1957649193&cid=1263304296.1627876076&tid=UA-22249776-3&_gid=749469315.1627876076&_r=1&_slc=1&z=1935563356

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://am590theanswer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 23ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1719581698&t=pageview&_s=1&dl=https%3A%2F%2Fam590theanswer.com%2F&ul=en-us&de=UTF-8&dt=AM%20590%20The%20ANSWER%20%7C%20AM%20590%20The%20ANSWER%20-%20Inland%20Empire%2C%20CA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAAEABAAAAAG~&jid=583831085&gjid=1394736500&cid=1263304296.1627876076&tid=UA-34961268-2&_gid=749469315.1627876076&_r=1&_slc=1&z=1405812864

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://am590theanswer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1719581698&t=pageview&_s=1&dl=https%3A%2F%2Fam590theanswer.com%2F&ul=en-us&de=UTF-8&dt=AM%20590%20The%20ANSWER%20%7C%20AM%20590%20The%20ANSWER%20-%20Inland%20Empire%2C%20CA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=989965814&gjid=511756680&cid=1263304296.1627876076&tid=UA-404425-10&_gid=749469315.1627876076&z=227429590

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 22:43:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18252
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-404425-10&cid=1263304296.1627876076&jid=989965814&_u=IGBAgEABAAAAAE~&z=1453330259

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-404425-10&cid=1263304296.1627876076&jid=989965814&_u=IGBAgEABAAAAAE~&z=1453330259

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-34961268-2&cid=1263304296.1627876076&jid=583831085&gjid=1394736500&_gid=749469315.1627876076&_u=IGDAAEABAAAAAG~&z=1196444525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 02 Aug 2021 03:47:56 GMT
content-type: text/plain
access-control-allow-origin: https://am590theanswer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 28ms
15ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-22249776-3&cid=1263304296.1627876076&jid=922332419&gjid=1957649193&_gid=749469315.1627876076&_u=IGDAAEABAAAAAG~&z=2139964027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 02 Aug 2021 03:47:56 GMT
content-type: text/plain
access-control-allow-origin: https://am590theanswer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _ts2.js Show response
content.cdn.targetspot.com/content/act/beacon/ 1 KB
807 B 28ms
6ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://content.cdn.targetspot.com/content/act/beacon/_ts2.js

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

a68bb88cb8ab82781248447ef4bcebf56473589faf539348d35298b9e3d2727a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2017 15:33:52 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"591dbee0-413"
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://content-origin.cdn.targetspot.com/content/act/beacon/_ts2.js>; rel="canonical"
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 03:47:56 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 18 KB
19 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://am590theanswer.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 20:01:36 GMT
x-content-type-options: nosniff
age: 546380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18924
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:08:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 20:01:36 GMT

GET
H3-29 200 pubads_impl_2021072801.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
113 KB 37ms
36ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 08:38:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115904
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:56 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 37 B
77 B 36ms
36ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=am590theanswer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f3d2b1b1eceb88b8666cb9805ef52fed8218adb3b9b228a249846986c7389946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:56 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://am590theanswer.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 552092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:24 GMT

GET
H/1.1 200
OK / Show response
node.targetspot.com/userdata/ 143 B
603 B 454ms
117ms Script
text/html 31.12.71.114
RNGROUP

General

Check archive.org

Show headers Download Go to

Full URL: https://node.targetspot.com/userdata/?callback=tsCookieCallback
Requested by: Host: content.cdn.targetspot.com
URL: https://content.cdn.targetspot.com/content/act/beacon/_ts2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.12.71.114 New York, United States, ASN202708 (RNGROUP, BE),
Reverse DNS
Software: / Express
Resource Hash: 6103116ae35b8f6db6ca44c7d5b0ec491e7f117d05cc1d416197225a733d52d3

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 Aug 2021 03:28:18 GMT
x-powered-by: Express
content-length: 143
content-type: text/html; charset=utf-8

GET
H2 200 iframeLoader.gif
cdn2.aptivada.com/images/ 30 KB
30 KB 96ms
26ms Image
image/gif 143.204.98.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.aptivada.com/images/iframeLoader.gif
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-69.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1f249cee33aff42da2e5f6604dc634201055f121a795c3d5d3ef292de7a2081

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 06:34:21 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Fri, 20 Apr 2018 06:54:22 GMT
server: AmazonS3
age: 594816
etag: "5f587297cec677d528a5fb6f7184ff5e"
x-cache: Hit from cloudfront
x-amz-version-id: wWpi.PVolYNt17y93yspJcx5ZO5Tq8hV
cache-control: max-age=15780000, s-maxage=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
content-length: 30578
x-amz-cf-id: DB5RjVrsF0BFZqXbXCugpb--GXU0enObIT3DSRHL6Yp_tIi_-812oA==

GET
H2 200 icomoon.woff
cdn.saleminteractivemedia.com/content/icomoon/fonts/ 11 KB
12 KB 73ms
26ms Font
application/octet-stream 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/content/icomoon/fonts/icomoon.woff
Requested by: Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/dist/4d31b684/site-css/2019nt/ntbase.css?hash=699e2e146d911037ae84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e192e9bb0ba15bae8d7be37f723cdcee07798ba5557220717f41e3e74e9d8831

Request headers

Origin: https://am590theanswer.com
Referer: https://cdn.saleminteractivemedia.com/dist/4d31b684/site-css/2019nt/ntbase.css?hash=699e2e146d911037ae84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: jOiWhN4WpWfSJgtEPcvj4w==
content-length: 11508
x-ms-lease-status: unlocked
last-modified: Tue, 15 Jun 2021 00:42:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D92F9685EBBF16
x-hw: 1627876076.dop204.fr8.t,1627876076.cds267.fr8.hn,1627876076.cds148.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: ec01e1d4-101e-0043-2386-61226a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=27380790
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 22ms
15ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://am590theanswer.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-proxyver: 1.0
cdn-cachedat: 07/30/2021 23:29:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 29bdd9f506d66416419c340ad8f5e9b3
accept-ranges: bytes
cf-ray: 678453e55c952bca-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
17 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://am590theanswer.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 19:20:02 GMT
x-content-type-options: nosniff
age: 548874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 19:20:02 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: simorigin.blob.core.windows.net
URL: https://simorigin.blob.core.windows.net/dist/static/js/2018a-2018ccm-2019nt.44a8a2c0513b19319295.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c5985fe8e7ef7006e1cb3aad901bf7e63b883127934e8a5cd29fa4c6d126c2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DopPuPodgAmOIbqrgRtGag==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: IKjl3ldUXDMyweQrDa9/6otUbH37sd5kPLFtmxKZUpkZQYn71is3+IiaJAbx2XKwmtlShX9IBtPIENVZEVQ5bQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 2d46a764ec9707092983131345184d41
x-frame-options: DENY
date: Mon, 02 Aug 2021 03:47:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "fd951665b0481d60ffbb8998a1815669"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 02 Aug 2021 03:52:19 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://am590theanswer.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 488875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 12:00:01 GMT

GET
H3-29 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://am590theanswer.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 501214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19300
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:09:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:34:22 GMT

POST
H2 200 getprogramguideinfo Show response
am590theanswer.com/ 654 B
639 B 232ms
231ms XHR
application/json 2606:4700:20::681a:e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://am590theanswer.com/getprogramguideinfo

Requested by

Host: simorigin.blob.core.windows.net
URL: https://simorigin.blob.core.windows.net/dist/static/js/vendor.b277c96ebd0153da4e7f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1bc608f39e05ce4c24b3d10f2a9e4cde8b8ed6c96ea700ad03a6f79a971ef50

Security Headers

Name	Value
Content-Security-Policy	default-src https: .sim-cms.net http://sdk.listenlive.co http://.streamtheworld.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com; media-src 'self' blob: data: https: http://.streamtheworld.com; worker-src blob: .sim-cms.net 'self'; font-src data: https://* 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://am590theanswer.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: _ga=GA1.2.1263304296.1627876076; _gid=GA1.2.749469315.1627876076; _gat=1; _gat_NewsTalkTracker=1; _gat_AllStationsTracker=1
content-length: 25
:path: /getprogramguideinfo
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: am590theanswer.com
referer: https://am590theanswer.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
arr-disable-session-affinity: true
request-context: appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6
referrer-policy: no-referrer-when-downgrade
x-aspnetmvc-version: 5.2
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BTpzjHf08q%2BaQarKKWoJegBVGTy%2FbYQ7KLelmOqfXX2SgyUKdfAsIJvLOLTbNi8w9erMqn2Uvb7SFDvIp6m4fu%2FkPRnaQk0eNFtvb4nmhsV7w%2BKPdXdxFh0POgNcqrcoY66lYqCkyFL2uUb2EXmoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
permissions-policy: autoplay=(self)
content-security-policy: default-src https: *.sim-cms.net http://sdk.listenlive.co http://*.streamtheworld.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com; media-src 'self' blob: data: https: http://*.streamtheworld.com; worker-src blob: *.sim-cms.net 'self'; font-src data: https://* 'self'
cf-ray: 678453e5bbe896f8-FRA

GET
H2 200 template3_logo.png
cdn.saleminteractivemedia.com/shared/images/logos/217/ 15 KB
15 KB 467ms
464ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/shared/images/logos/217/template3_logo.png
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 88ef30cb6c7c78b00155382ddd1a0d2dd5523288e32dfae320c45a883bd1e386

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: EoYwnj70J7oac7dshucMXA==
content-length: 14914
x-ms-lease-status: unlocked
last-modified: Wed, 17 Jul 2019 14:54:46 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D70AC6B597130B
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds206.fr8.p
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: c0891266-301e-0054-1551-87e209000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 header-background-image.png
cdn.saleminteractivemedia.com/217/media/site-assets/ 54 KB
55 KB 684ms
681ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/media/site-assets/header-background-image.png
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: afa71ef0f9c26f776c1d894465ae75475d82defbce97394fdbb11dd0bbc6356a

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:57 GMT
content-md5: GZiF1fWf/9eAiWfBFRFkmw==
x-ms-meta-uploadedby: Hanlon,John
content-length: 55806
x-ms-lease-status: unlocked
last-modified: Wed, 29 Jul 2020 17:32:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D833E55315C92C
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds285.fr8.p
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 0dcf274e-601e-0008-7551-8713f0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 play-button.png
cdn.saleminteractivemedia.com/shared/images/ 2 KB
2 KB 33ms
29ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/shared/images/play-button.png
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 27b65ea8c6cceebb6e32225e0dacd973a6358953d5c3b55841a685eb0a12d055

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: iK52X5B86FHk7qX9XxbesA==
content-length: 1851
x-ms-lease-status: unlocked
last-modified: Fri, 26 Oct 2018 17:40:26 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D63B6A1D42BC9E
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds141.fr8.c
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 00d092eb-001e-0013-6526-5d3d62000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=26899677
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 unite-ie-2021-hero-image-1200x600-generic-no-hosts.jpg
cdn.saleminteractivemedia.com/217/content/246210/ 117 KB
117 KB 500ms
496ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/content/246210/unite-ie-2021-hero-image-1200x600-generic-no-hosts.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1a8b7c501bafe94b927626c703a5657adc1037463d95a11b761ca6a5d3233f76

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: MCNxWJzTSqOCoDwse5fD7w==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 119698
x-ms-lease-status: unlocked
last-modified: Thu, 08 Jul 2021 19:06:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D94243772816FB
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds292.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 387ae8b3-401e-003d-7951-87bda5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ktie-2021-hot-hero-1200x600-rev-1.jpg
cdn.saleminteractivemedia.com/217/content/240096/ 124 KB
124 KB 692ms
689ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/content/240096/ktie-2021-hot-hero-1200x600-rev-1.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d31d6b4a3a1766ba797d54f1750b8f4cf4eb2597df8bd4a698d938915335d087

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:57 GMT
content-md5: S+55geFv46mAf38qDciJ2g==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 127188
x-ms-lease-status: unlocked
last-modified: Tue, 02 Feb 2021 19:52:30 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8C7B41369C868
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876077.cds205.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 50dd7ddf-801e-002b-2a51-877c3b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 regnery-august-2021-hollowed-out-880x440-8-1-2021.jpg
cdn.saleminteractivemedia.com/199/content/247210/ 37 KB
38 KB 38ms
33ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/199/content/247210/regnery-august-2021-hollowed-out-880x440-8-1-2021.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4b3c8fc7aa697d868700f8f06c5b7ea853d2ce17f4b472a74bb00dd775b12873

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: LMmZ7b1SfXowy6qyol1FSQ==
x-ms-meta-uploadedby: Hanlon,John
content-length: 38182
x-ms-lease-status: unlocked
last-modified: Thu, 29 Jul 2021 18:36:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D952BFCDCACB03
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds102.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: da6adda4-c01e-002c-77ee-868abe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ie-digital-marketing-rep-recruitment-hero-image-la-ver-1200x600-rev-1.jpg
cdn.saleminteractivemedia.com/217/content/235613/ 118 KB
118 KB 452ms
448ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/content/235613/ie-digital-marketing-rep-recruitment-hero-image-la-ver-1200x600-rev-1.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 640ac81d7183170a72406a72a71eeedcff7ae103acb6cc6563506cc56d39abdd

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: EReNik9YBYUOdpdtElzL4w==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 120628
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 20:01:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D905C97A0D276E
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds015.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 4ea67063-701e-001c-1751-87d094000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ttvipex-ad-set880x440.jpg
cdn.saleminteractivemedia.com/199/content/245999/ 43 KB
43 KB 46ms
42ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/199/content/245999/ttvipex-ad-set880x440.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5661fb22a65ae1c4a18a8520255e5c79610a9f819ffed67440eed9849a8144cf

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: oqmjIdkh5zQeBeJWEy6H7A==
x-ms-meta-uploadedby: Schweinsburg,Larry
content-length: 44222
x-ms-lease-status: unlocked
last-modified: Wed, 30 Jun 2021 02:03:45 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D93B6B4AF6BCD2
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds167.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: f859b1c6-301e-0054-2e6c-84e209000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 weekend-answer-with-garrett-fahy-400x300-show-image.jpg
cdn.saleminteractivemedia.com/217/host/ 32 KB
32 KB 482ms
478ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/weekend-answer-with-garrett-fahy-400x300-show-image.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ee8a661bb09779fdb6d381d2f2f31e436d510e3de1f6ceefbc440ceda2b658b3

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: /5fXkO2keBmRjM8UYkaGLQ==
content-length: 32889
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 14:27:44 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B15D7B4572A
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds138.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 4ea67077-701e-001c-2951-87d094000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 billie-miles-miles-finhost-photo-layout.jpg
cdn.saleminteractivemedia.com/217/host/ 26 KB
26 KB 673ms
668ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/billie-miles-miles-finhost-photo-layout.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: dafbac9b4d63f4a36178152b1acbf141e7591f73021454b79168572ec4fb3f8d

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:57 GMT
content-md5: jouEXJ3t+ryKG+wnmoYiKg==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 26442
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 14:26:30 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B15AB69481B
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds285.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: dc94e27b-401e-0050-8051-87178b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ted-butler-host-photo.jpg
cdn.saleminteractivemedia.com/217/host/ 26 KB
26 KB 679ms
675ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/ted-butler-host-photo.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7b7b4ee1e773ba149fdc016727a2405b013b3c216aa995851ac099bded801046

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:57 GMT
content-md5: 1qFfbTpIWLMsw2cQXk3wGA==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 26335
x-ms-lease-status: unlocked
last-modified: Fri, 23 Apr 2021 04:07:48 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9060D5B833A45
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds017.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: dc94e282-401e-0050-0551-87178b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 neal-patrick-road-map-to-real-estate-host-photo.jpg
cdn.saleminteractivemedia.com/217/host/ 48 KB
48 KB 465ms
461ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/neal-patrick-road-map-to-real-estate-host-photo.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 87e33fae22ea5f6910393a04162c22ec211dd94549c06bd2bf5ca9a0d4c9e308

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: t7WZ2oIobkzC75O3rhrSOg==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 49352
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 14:27:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B15C6ABF684
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds143.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 10d008d3-d01e-0033-2451-8751ae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 dollars-with-decker-host-photo.jpg
cdn.saleminteractivemedia.com/217/host/ 25 KB
25 KB 496ms
492ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/dollars-with-decker-host-photo.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ea7376f6e8106b5f4212eff47785be3062baeb6dfef754f4602dc61f802f3b9f

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: 7g2yS2Js55Jnrc9MN4bA+Q==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 25611
x-ms-lease-status: unlocked
last-modified: Fri, 21 May 2021 03:58:27 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D91C0CB0689E4D
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds132.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 573d941f-201e-004b-1651-873919000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 weekends-with-larry-marino-host-graphic.jpg
cdn.saleminteractivemedia.com/217/host/ 31 KB
31 KB 679ms
674ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/weekends-with-larry-marino-host-graphic.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c96ae8acfabb6704848c4c6c5cd099bfc8a407531e8fb27c91824a0e192d685b

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:57 GMT
content-md5: Adk+DLHrhIBJNuRcBQn4eQ==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 31851
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 00:13:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8D8590F3C0889
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds007.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 5dca45d9-f01e-0042-6a51-872397000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 mike-gallagher-2021-host-photo.jpg
cdn.saleminteractivemedia.com/217/host/ 24 KB
24 KB 530ms
526ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/mike-gallagher-2021-host-photo.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22fe33cf967af3167d0368ec7f178e7ac33ee94e0520b642fa54c92f0ff4baba

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: s8GlK8hrTYxvZi7KPTt+AQ==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 24595
x-ms-lease-status: unlocked
last-modified: Mon, 05 Apr 2021 18:02:08 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8F85CEDC52F27
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds231.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: cd5b3460-b01e-0023-2c51-876748000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 hugh-hewitt-host-photo-layout.jpg
cdn.saleminteractivemedia.com/217/host/ 27 KB
27 KB 54ms
50ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/hugh-hewitt-host-photo-layout.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0c2366804414e0dae17fd21077a8f21ea3816a88c305a3e0dc6766fae97af063

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: /fyR3AiTd95PjMod+8tHwA==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 27724
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 14:26:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B15BA915051
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds128.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: e507539e-101e-0025-3cd4-789030000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=29943289
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 jen-don-host-photo-layout.jpg
cdn.saleminteractivemedia.com/217/host/ 33 KB
33 KB 476ms
473ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/jen-don-host-photo-layout.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7cceb2a303b8eb788e9ea5da76de6c7807897cc31fa7360b278d4d2c71885fd4

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: 9STEez+r9OhkOGPeytekpg==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 33942
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 14:26:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B15BD343DB7
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds098.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: d243b67d-901e-0016-5151-87c91d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 eric-metaxas-host-photo-layout.jpg
cdn.saleminteractivemedia.com/217/host/ 29 KB
30 KB 464ms
461ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/eric-metaxas-host-photo-layout.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d938c439822d73f57bc1244faf8735dbd80feddd14b266ba613187b78015ce7d

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: wC/WIR3PRdr0Ffzv6Z7jZQ==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 30138
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 14:26:45 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B15B47701B4
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds158.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 62f86b39-701e-003e-7e51-87bea2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 unite-ie-2021-thumbnail-400x400-no-groka-rev-1.jpg
cdn.saleminteractivemedia.com/217/content/246210/ 45 KB
45 KB 595ms
592ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/content/246210/unite-ie-2021-thumbnail-400x400-no-groka-rev-1.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5b962df63d5297c565df3aecdd94ad3c727a84cdc53fe58b1727a7fec33e47b5

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:57 GMT
content-md5: hW/98yxYLAR+MrUuDj+ryw==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 45878
x-ms-lease-status: unlocked
last-modified: Mon, 05 Jul 2021 04:14:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D93F6B5A05E891
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds286.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 6b8d2c7d-401e-005b-5b51-870fff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 am590-newsletter-promotion-hero-image-1200x600.jpg
cdn.saleminteractivemedia.com/217/content/244318/ 160 KB
160 KB 466ms
463ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/content/244318/am590-newsletter-promotion-hero-image-1200x600.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0e93d021d6a86ed31a49fbb62586483cc41426405a1de4a2ff12f7397632c108

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: kGvHiLtijT09XtLJAq21pw==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 163530
x-ms-lease-status: unlocked
last-modified: Thu, 13 May 2021 20:14:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9164BC86E9FB5
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds231.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 92c32105-b01e-004e-7751-87cd66000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 safe-at-home-hero-image-1200x600.jpg
cdn.saleminteractivemedia.com/217/content/226998/ 182 KB
182 KB 481ms
478ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/content/226998/safe-at-home-hero-image-1200x600.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: dea5f0f3aa6c54bd937e9707972ec0534d5c5703d8cd3e3fd2809b571307f44e

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: /pVRtvYPJDv0YO8UCOotAw==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 185912
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 14:25:44 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B158FFF31E8
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds281.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 739d3c72-901e-003f-5151-87bf5f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 b2ae9041-ee14-41e7-add2-43fb07e7ab76.jpg
media.townhall.com/townhall/reu/ha/2017/27/ 58 KB
58 KB 76ms
28ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/ha/2017/27/b2ae9041-ee14-41e7-add2-43fb07e7ab76.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: nginx /
Resource Hash: 5ae6004ffd3447dbd1c28ca9fdfb81b38f7866cff33fbc373e608b3d07420586

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
server: nginx
x-img: thmbor3
etag: "8b16071a268795dc9543a8ba4fb09be046aa05fc"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 59379
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1627876076.dop204.fr8.t,1627876076.cds220.fr8.hn,1627876076.cds236.fr8.c

GET
H2 200 fb09597c-3881-4144-855c-331116e8fe20.jpg
media.townhall.com/townhall/reu/ha/2018/11/ 74 KB
74 KB 100ms
52ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/ha/2018/11/fb09597c-3881-4144-855c-331116e8fe20.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: nginx /
Resource Hash: 7f992fe95c9e5b419c509f7907df190b72a930f67f37cd2e0dedd8236a6708ee

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
server: nginx
x-img: thmbor3
etag: "2558fdbd43f4992b1d1b93ff2eec819f0ad97a34"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 75621
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1627876076.dop204.fr8.t,1627876076.cds220.fr8.hn,1627876076.cds008.fr8.c

GET
H3-29

200

jm-1.jpeg
hotair.com/wp-content/uploads/2021/03/
Redirect Chain

https://hotair.com/wp/wp-content/uploads/2021/03/jm-1.jpeg
https://hotair.com/wp-content/uploads/2021/03/jm-1.jpeg

31 KB
31 KB

411ms
401ms

Image
image/jpeg

2606:4700::6812:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hotair.com/wp-content/uploads/2021/03/jm-1.jpeg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e0262b37f92f5d8e1de10a72b3104be5c753e35e4e35d0febc543864d0b0a4

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
cf-cache-status: REVALIDATED
cf-polished: status=not_needed
x-soup: no
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31422
last-modified: Wed, 07 Apr 2021 23:34:42 GMT
server: cloudflare
etag: "606e4192-7abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 10 Aug 2021 03:47:57 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 678453e88d71c2bd-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

date: Mon, 02 Aug 2021 03:47:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
location: https://hotair.com/wp-content/uploads/2021/03/jm-1.jpeg
x-soup: no
cf-ray: 678453e5eb1e0629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

Cuomo.jpg
hotair.com/wp-content/uploads/2021/04/
Redirect Chain

https://hotair.com/wp/wp-content/uploads/2021/04/Cuomo.jpg
https://hotair.com/wp-content/uploads/2021/04/Cuomo.jpg

22 KB
23 KB

428ms
418ms

Image
image/jpeg

2606:4700::6812:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hotair.com/wp-content/uploads/2021/04/Cuomo.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a31389ea333c78114749b9901e26fbe26e110c54d27b25bbfa2e8bc2dad1673f

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
cf-cache-status: REVALIDATED
cf-polished: status=not_needed
x-soup: no
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22773
last-modified: Wed, 07 Apr 2021 23:40:50 GMT
server: cloudflare
etag: "606e4302-58f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 10 Aug 2021 03:47:57 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 678453e88d73c2bd-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

date: Mon, 02 Aug 2021 03:47:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
location: https://hotair.com/wp-content/uploads/2021/04/Cuomo.jpg
x-soup: no
cf-ray: 678453e5eb1f0629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 washington-capitol-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/246885/ 130 KB
130 KB 59ms
57ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/246885/washington-capitol-1000x500.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a6727d298b60af4a31f4cd9cc7e7be6bb67b28f6eb1dad02761d80c3f16e3409

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: KwKarIbqqiJ/S7CntvgydQ==
x-ms-meta-uploadedby: Hanlon,John
content-length: 132851
x-ms-lease-status: unlocked
last-modified: Thu, 22 Jul 2021 13:31:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D94D14FFDAFD5A
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds221.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 8f974d16-201e-0062-3f87-844f5b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2-white-house-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/246444/ 126 KB
126 KB 70ms
68ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/246444/2-white-house-1000x500.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5d0b866d1a4293f0bc5e91c15ce8cabf047572c970dc7f9f9781132a8a51cad5

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: QjLU/sava8F+tuF6cGVT2w==
x-ms-meta-uploadedby: Hanlon,John
content-length: 128813
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jul 2021 12:59:31 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D94534E3B544C7
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds202.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 9cb24b9c-101e-0025-5a37-829030000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2-moviegoes-excited-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/247247/ 59 KB
59 KB 79ms
76ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/247247/2-moviegoes-excited-1000x500.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 38541b7231a54844b494f355965a53abe80eb0c6146d398a9b3e28ecf349a7f3

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: YLYppy+fl/ou37C/Ce0WpQ==
x-ms-meta-uploadedby: Hanlon,John
content-length: 60359
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jul 2021 13:28:28 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9535DEA7CA96E
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds229.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: a6e0f236-d01e-0011-7e63-853f98000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2-cinema-crowd-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/246367/ 86 KB
86 KB 79ms
77ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/246367/2-cinema-crowd-1000x500.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5594851d9deccf1c4fd1f877582c290165acfd718725172aac1fd30d6f987379

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: aZeBPWLjsUgtaqnMzfSkVQ==
x-ms-meta-uploadedby: Hanlon,John
content-length: 87609
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jul 2021 03:03:35 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9428624366472
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds102.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 06d1bbf2-901e-0034-07bf-86a72b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2-1000x500-director9.jpg
cdn.saleminteractivemedia.com/245/content/245994/ 42 KB
42 KB 79ms
77ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/245994/2-1000x500-director9.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f99976fe688459a652c025777e49a8ef4a6243cc00f520410aa6e8283c4ccac8

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: Az9xyp99wMpRiKGOZf2CNw==
x-ms-meta-uploadedby: Hanlon,John
content-length: 43133
x-ms-lease-status: unlocked
last-modified: Tue, 29 Jun 2021 23:08:48 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D93B52DA8C837A
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds240.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: cae52eda-a01e-003c-485d-84bc58000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 military-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/245944/ 70 KB
70 KB 79ms
77ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/245944/military-1000x500.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3a6578d074635f4695440048f1e00c8dbe61e0f6509517ac1e4b64b414906c68

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: ItQSpFu7As4N/dPyDPQNjg==
x-ms-meta-uploadedby: Hanlon,John
content-length: 71939
x-ms-lease-status: unlocked
last-modified: Mon, 28 Jun 2021 19:17:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D93A694F4F94AB
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds266.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 477b2fa9-501e-000b-62c9-8210f7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 carl-jackson-host-photo.jpg
cdn.saleminteractivemedia.com/217/host/ 29 KB
29 KB 88ms
87ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/carl-jackson-host-photo.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 524e34fa90333253ca63c62d3099f493aa95088dae80f1e74e6d0be4beba8ffb

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: WW0z/gxjuyDFCvUfuSg6Yg==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 29324
x-ms-lease-status: unlocked
last-modified: Wed, 14 Jul 2021 00:22:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9465D6C3A38C3
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds008.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: e1d70556-101e-0048-5278-823a1e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 640x480.jpg
content.swncdn.com/zcast/oneplace/host-images/truth-for-life/ 48 KB
48 KB 80ms
31ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/zcast/oneplace/host-images/truth-for-life/640x480.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: nginx /
Resource Hash: b98761142d68227621ff6da74e96a4e155d578e4cb98316fac267602eabc426f

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
last-modified: Wed, 18 Sep 2019 09:12:35 GMT
server: nginx
content-md5: I97SpUubYX6FhVxHNguV8g==
etag: 0x8D73C18583E740E
x-hw: 1627876076.dop204.fr8.t,1627876076.cds248.fr8.hn,1627876076.cds001.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
content-length: 48969

GET
H2 200 dennis-prager-host-photo-layout.jpg
cdn.saleminteractivemedia.com/217/host/ 27 KB
28 KB 468ms
466ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/217/host/dennis-prager-host-photo-layout.jpg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b8b3e2cbf40fb53ba6741572752df6d6c2a68f790e8f1789073bcfeb9abdc0c7

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:56 GMT
content-md5: oj6bzhCyvr7GTTxu6X7a8w==
x-ms-meta-uploadedby: Tinker,Jim
content-length: 28000
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 14:26:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B15AF72FAC1
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds239.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: e4fa0b74-201e-000f-7351-87e575000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 info.php Show response
aptivada.com/promo/ Frame D7B5 997 B
669 B 649ms
263ms Document
text/html 52.89.90.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aptivada.com/promo/info.php?widget_id=546&widget_type=widget&app_type=&environment=external
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.90.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-90-136.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 8a2083041b023312542c5a1db8b8623278ab070daa2692e5545b27f839391c6b

Request headers

:method: GET
:authority: aptivada.com
:scheme: https
:path: /promo/info.php?widget_id=546&widget_type=widget&app_type=&environment=external
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://am590theanswer.com/

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
content-type: text/html; charset=UTF-8
content-length: 544
server: Apache
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 info.php Show response
aptivada.com/promo/ Frame F71E 1 KB
743 B 626ms
241ms Document
text/html 52.89.90.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aptivada.com/promo/info.php?widget_id=652&widget_type=widget&app_type=&environment=external
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.90.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-90-136.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 46d7396d794b034396dfb07428ccb8fa9243206f0d417875d7f85ca11c5e8f2f

Request headers

:method: GET
:authority: aptivada.com
:scheme: https
:path: /promo/info.php?widget_id=652&widget_type=widget&app_type=&environment=external
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://am590theanswer.com/

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
content-type: text/html; charset=UTF-8
content-length: 617
server: Apache
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
2 KB 366ms
141ms Script
text/javascript 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fam590theanswer.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 788f67804a96ae5ff4f40ebdeb1f4311c3e24956f99b8d740db566b97c32c990

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:56 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 1076
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 playbuttonwhite.svg Show response
cdn.saleminteractivemedia.com/shared/images/ Frame 05DC 692 B
886 B 23ms
23ms Document
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f2deec38d725198ee9c7eb5dec721c4192d2484a15d6ea2985c1a8c2adb12510

Request headers

:method: GET
:authority: cdn.saleminteractivemedia.com
:scheme: https
:path: /shared/images/playbuttonwhite.svg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://am590theanswer.com/

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
content-length: 692
content-type: image/svg+xml
last-modified: Mon, 10 Dec 2018 18:13:54 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
etag: 0x8D65ECB3EEA4474
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ad935bbe-c01e-004a-66b2-8338e4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds273.fr8.c

GET
H2 200 playbuttonwhite.svg Show response
cdn.saleminteractivemedia.com/shared/images/ Frame D5A8 692 B
761 B 27ms
26ms Document
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f2deec38d725198ee9c7eb5dec721c4192d2484a15d6ea2985c1a8c2adb12510

Request headers

:method: GET
:authority: cdn.saleminteractivemedia.com
:scheme: https
:path: /shared/images/playbuttonwhite.svg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://am590theanswer.com/

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
content-length: 692
content-type: image/svg+xml
last-modified: Mon, 10 Dec 2018 18:13:54 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
etag: 0x8D65ECB3EEA4474
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ad935bbe-c01e-004a-66b2-8338e4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds273.fr8.c

GET
H2 200 playbuttonwhite.svg Show response
cdn.saleminteractivemedia.com/shared/images/ Frame A378 692 B
761 B 24ms
24ms Document
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f2deec38d725198ee9c7eb5dec721c4192d2484a15d6ea2985c1a8c2adb12510

Request headers

:method: GET
:authority: cdn.saleminteractivemedia.com
:scheme: https
:path: /shared/images/playbuttonwhite.svg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://am590theanswer.com/

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
content-length: 692
content-type: image/svg+xml
last-modified: Mon, 10 Dec 2018 18:13:54 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
etag: 0x8D65ECB3EEA4474
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ad935bbe-c01e-004a-66b2-8338e4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds273.fr8.c

GET
H2 200 playbuttonwhite.svg Show response
cdn.saleminteractivemedia.com/shared/images/ Frame B949 692 B
761 B 24ms
24ms Document
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f2deec38d725198ee9c7eb5dec721c4192d2484a15d6ea2985c1a8c2adb12510

Request headers

:method: GET
:authority: cdn.saleminteractivemedia.com
:scheme: https
:path: /shared/images/playbuttonwhite.svg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://am590theanswer.com/

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
content-length: 692
content-type: image/svg+xml
last-modified: Mon, 10 Dec 2018 18:13:54 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
etag: 0x8D65ECB3EEA4474
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ad935bbe-c01e-004a-66b2-8338e4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-hw: 1627876076.dop126.fr8.t,1627876076.cds218.fr8.hn,1627876076.cds273.fr8.c

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: KYkd28+fWoZVfvsINJNwKJn8oKIWVs4IESB/ti7EkdfOIr3YfXp5epnHFh5gfHTvOPz3iVBvnpGW+1KBHsGaXQ==
x-frame-options: DENY
date: Mon, 02 Aug 2021 03:47:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=am590theanswer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=am590theanswer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 232 KB
68 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6708dc7a994413dac59a1773eb2a11ba

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a3201ac7f0c7e8f785a792f7365b256cebfa00c671157732b34d27981e44605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://am590theanswer.com
Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: R1vDNL+CykXtjBi6uim0/g==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69082
x-fb-rlafr: 0
x-fb-debug: iLCHUZUhOwkbgb1HHu0nMCJ5KtVAIKBdrygUlHtVT942TJ1XTpWDlJ9nQlDwDbh+LgUzr+yVNmkPK9ecBrqxXQ==
x-fb-content-md5: 38f1e2c034403d2d4b8c05b97a781b2f
x-frame-options: DENY
date: Mon, 02 Aug 2021 03:47:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5f9fbfe177f149bbf7e02e0f54ea7ef2"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 02 Aug 2022 02:26:15 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 197 KB
32 KB 608ms
608ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3712737032670147&correlator=3834640349098010&output=ldjh&impl=fifs&eid=31062076%2C44742768%2C20211866&vrg=2021072801&ptt=17&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=6177%2Cslm.ktie%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x150%2C1200x150%2C300x300%7C450x450%2C880x110%7C1200x150%2C300x600%7C450x900%2C300x300%7C450x450%2C1200x150&prev_scp=pos%3Dskyline%26traffic-percent%3D12%7Cpos%3Dtopfeature%26traffic-percent%3D12%7Cpos%3Dtopbox%26traffic-percent%3D12%7Cpos%3Dmiddlefeature%26traffic-percent%3D12%7Cpos%3Dmiddlebox%26traffic-percent%3D12%7Cpos%3Dbottombox%26traffic-percent%3D12%7Cpos%3Dfooter%26traffic-percent%3D12&cookie_enabled=1&bc=31&abxe=1&lmt=1627876076&dt=1627876076640&dlt=1627876073558&idt=3010&frm=20&biw=1600&bih=1200&oid=3&adxs=200%2C200%2C200%2C520%2C1100%2C1100%2C200&adys=345%2C665%2C1052%2C2028%2C2028%2C2108%2C3753&adks=1204348377%2C1204348378%2C3765552459%2C69147905%2C1319719146%2C3765552456%2C1204348359&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fam590theanswer.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x0%7C1200x0%7C300x-1%7C880x0%7C300x-1%7C300x-1%7C1200x0&msz=1200x0%7C1200x0%7C300x-1%7C880x0%7C300x-1%7C300x-1%7C1200x0&ga_vid=1263304296.1627876076&ga_sid=1627876077&ga_hid=1719581698&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

0914c4ff7243f4332fafb861264a3608f1c17b7787ec1540447d2759f9494276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33136
x-xss-protection: 0
google-lineitem-id: 5688946701,5750859098,5738032494,5749617076,5588552095,5588552095,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349234362,138357823625,138356218291,138358091770,138337179202,138337179370,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://am590theanswer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
191c58df206ff722dcc1857f628bfe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D9B 6 KB
3 KB 40ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://191c58df206ff722dcc1857f628bfe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 191c58df206ff722dcc1857f628bfe18.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://am590theanswer.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 02 Aug 2021 03:47:56 GMT
expires: Tue, 02 Aug 2022 03:47:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 63ms
62ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f6a0a87508d1c60c67f377571cccce10d21192e5998cbacf6d7579504e1463cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4344
x-xss-protection: 0
google-lineitem-id: 5623273870
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340494733
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://am590theanswer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 390961805259193 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 78ms
78ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/390961805259193?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21fabf883e3b8289c90db311afca20677db221cdc7ee50bf75c7c1e001ba6a89

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: oKQQldBui0pP5qoMES9gzrRQaTROvMcHq6m3X9OzF+1x41n2rDi2HM723BVsyQtmG2WEL2sczAPfdTTe3XEo+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 02 Aug 2021 03:47:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390961805259193&ev=PageView&dl=https%3A%2F%2Fam590theanswer.com%2F&rl=&if=false&ts=1627876076800&sw=1600&sh=1200&v=2.9.44&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1627876076799.781255712&it=1627876076665&coo=false&rqm=GET

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 02 Aug 2021 03:47:56 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 120ms
39ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=15401
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:56 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 541CA3CB462144FD
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37639
accept-ranges: bytes
content-length: 55696
x-amz-id-2: WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 113ms
113ms Image
image/gif 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=b250581e-4808-4267-92fd-986406af7626&ntv_fl=CF4se3gYGjAPzQcMJoAeWRz3uBDgkUm4Qgj1uh-ouVZrm56_VzzGoR6u_sDbMVB7Kw9xXY7ZYseU-x9fV-Wc0iEuX29P0OXmLajudyCizSVi9mnGGlBk-_x0z0dUEj6IClpkNB_XtqBPXPnsktkXN8YmgLlDDvgl0V3L22Knf1nCyzw-g4G270YRygYlmg-G&ntv_ht=7GoHYQA&ntv_at=303,302&ntv_a=AAAAAAAAAA9RURA&ord=1627876076852&ntv_it
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:56 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 114ms
113ms Image
image/gif 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=b250581e-4808-4267-92fd-986406af7626&ntv_fl=CF4se3gYGjAPzQcMJoAeWRz3uBDgkUm4Qgj1uh-ouVZrm56_VzzGoR6u_sDbMVB7Kw9xXY7ZYseU-x9fV-Wc0iEuX29P0OXmLajudyCizSVi9mnGGlBk-_x0z0dUEj6IClpkNB_XtqBPXPnsktkXN8YmgLlDDvgl0V3L22Knf1nCyzw-g4G270YRygYlmg-G&ntv_ht=7GoHYQA&ntv_at=321,322,333&ntv_a=AAAAAAAAAA9RURA&ntv_jlt=3288&ntv_jad=368&ntv_jte=22&ntv_it
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:56 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 114ms
113ms Image
image/gif 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=7c6de6a6-f59a-4bd9-8e56-1676c4558118&ntv_fl=CF4se3gYGjAPzQcMJoAeWcc5qNfM5rTOB3VbQS_K7f7Vv7ZJJl6pV4dpdmng4j7ynbJdmhvBcl9cMUhL_LEnkvPV6xZwTSNmFL6gpnXOU8kK_eu6TF9M7AJfVVopPlgYA0yXvHHxoX_K8TgYWre88ZhNMTJ66iTkPWVdLmnhi0LIJVhvl4emsLyderat7zvV&ntv_ht=7GoHYQA&ntv_at=303&ntv_a=AAAAAAAAAA-BURA&ord=1627876076854&ntv_it
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:56 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 15401 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 0
282 B 138ms
136ms Script
binary/octet-stream 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/15401?t=20217259
Requested by: Host: am590theanswer.com
URL: https://am590theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-version-id: WvWVBcbhl0kXYN1dg0WDmnEvXPHHr0K3
last-modified: Fri, 23 Jul 2021 07:01:07 GMT
server: AmazonS3
x-amz-request-id: C8PP1JH5B59GWDHG
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: binary/octet-stream
date: Mon, 02 Aug 2021 03:47:57 GMT
accept-ranges: bytes
content-length: 0
x-amz-id-2: Q+ST/GT7KFUozWvy8e7OVk/sVbNmirJD+gNCzqT0Xu+NqkYcXkt5QsVE+ee72ziqUwFh+KJGyVU=

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A2F9 0
0 32ms
32ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstd39BUFBciKTiSbIU0IjF7R2wlgTmu2DjImtHQaPE0Hud1nWlcZsUaoqLJLaFWIfBXOD1JVGG-_0qGtAlYErSHPJTq7O4DVGzOun7iNAtP1PYVFO3SF02GB_Cx2sjomkXEWU9ZJN453Rdew3w6-u_U8i1pD2mFWij6F4xHGKNMyc6Tt-LYVJm13HzErXlZ4OGVNm5uIbzqwg3RDAswf-H4e98MjSfeImz8sRiE94sL6Ne-IxpUM5kL75n73JVhi6xOLuS0aHnBakYNSH9yzAq3EPaa8i2rzdarXJ27MmJ1kk1jXyode2yEvw&sai=AMfl-YR6f8TOv4aInH7-swpMVTyeIVg_p-khc2VrmdQ3p_HnpAucD30VYnQLaEqc198eloO8l67qYrEeDLAYne3wtz3DSZZO0ISSkQzQwRIgEoNEYkSN_E5AssLfuFolC5E&sig=Cg0ArKJSzP5HO28C8WuXEAE&adurl=

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame A2F9 18 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 03:40:55 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame A2F9 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 03:28:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A2F9 124 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A2F9 0
0 23ms
22ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1exjJ1ba6lVoxqRUkYSQgIRKkG8yj9NpcJyzTJySTvY9FPEcPXboJgEpEdjjiCHtfYKCwaNfJIiybQ2WfabIR01ZsYQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H2 200 13455516868530934848
tpc.googlesyndication.com/simgad/ Frame A2F9 78 KB
79 KB 84ms
84ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13455516868530934848

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23f3d19d034c723e90de6b65e1ae3964ca522d6335997a8d12b16673f9b87c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 19:52:45 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80297
x-xss-protection: 0
expires: Tue, 02 Aug 2022 03:47:57 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

163ad32a13401b1f5387b23c7d749fccac8da49e9914584fe3aca42884532c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644667915703"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E440 0
0 32ms
31ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPZPG5iLMgXhPO13CMhLPDvjRt8YdXvduq52uJdPfSWbbz_iqIHCzihX_t6T10Dg7XxSTZFOpkp8va8zCDAjxHOEEXBgxUh94ZpPfwB1dWuBZ7Yug4XFKuX2zXMl7A3FJpyEx0S5ghkWhH7EGyrzf2GSZbg7uAr1DUfFe-rHAF9Wreh92S1CIsS2kbdrLicJSHZ_ADZyhioaq2kKzfTMPyrfhDh3UP-43ivGzinAkqbqgVVAeVJT16SZzaSLqBZHJKKO1IHC_H4U1lA9QwgI7JjJHvJNLQquZnbmNZ1bzvCC6VlablXMuzoA&sai=AMfl-YR6_3ff_HUs7XrYWJFyrgrWB8qn6bCdBYdSsG4WSHUOzIR7HqDK-Jf6biIwR2TLgSsez9Um5J7tvdaagZapcg5IlsFdh22722HJ341sIctl-3_e8tmdC1jgyH6OEYU&sig=Cg0ArKJSzH9pVkA5tw4kEAE&adurl=

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame E440 18 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 03:36:55 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame E440 2 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 03:27:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E440 124 KB
37 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 200 3285155767233261816
tpc.googlesyndication.com/simgad/ Frame E440 134 KB
134 KB 94ms
93ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3285155767233261816

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd6e4f2af27d27f6508255235794f280f5eec667e88d78b7928dc35ca61c41a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 15:46:29 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137272
x-xss-protection: 0
expires: Tue, 02 Aug 2022 03:47:57 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8BAB 0
0 35ms
34ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbEtjKNwdqEikubNjIbismz0DRkSKWzfgsluGyrimILs9tFfZwgIr81sYL6PNPb4M9jETS302KyhNjMa302BvrAYEmIiVJ0M4HaNuA7Egb30pQBSdqM9UTz7QsgfwDXGoc7tICJbUFxq59WmTc3-UPajgTIKBYpYLWKUw1swanM-3vuiQ7E1HQzXBBKDeN9czJolvA-Xv0XoLOdIxDM1kley6hUiBHdPHjfOcLsVuZcGjDNQg0bSsOpyqFS-4i7b_gbei5yLVY268VtZvdUKdPSvLtwRPuSJZBACu60pjFD3dcyRdisQ&sai=AMfl-YRk8X3SWhuFcDYQ9baKtexVbbpEUJ71qCsPspgVDoAqARg4ghjXw4quhNWaIbpcx24bLxwPK5a_MSWVHbZ9_88h4Cy0jCKFodwSqgzEFT5tJ7XGyZbgmeodtPyphmE&sig=Cg0ArKJSzGnG8AKMzegKEAE&adurl=

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 8BAB 18 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 03:36:55 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 8BAB 2 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 03:27:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8BAB 124 KB
37 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 8BAB 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8v-fAEaTHUHIja_HsOKJz7T9dlydYDXoFfYpfRh9ddOcO9xPJXHCrspyBhHDORoQvc-pp9CxEQgjKWfH9tQsrTyYo-w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H3-29 200 4109324832335356885
tpc.googlesyndication.com/simgad/ Frame 8BAB 208 KB
208 KB 104ms
104ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4109324832335356885

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

affdde6785713b86ba70723b1d8f1d88b75efee1390ace9d93a4fc1be8c1a66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 00:51:09 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 212607
x-xss-protection: 0
expires: Tue, 02 Aug 2022 03:47:57 GMT

GET
H3-29 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 6013 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://am590theanswer.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 01 Aug 2021 20:03:41 GMT
expires: Mon, 01 Aug 2022 20:03:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 27856
cache-control: public, immutable, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame AEA4 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://am590theanswer.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 01 Aug 2021 20:03:41 GMT
expires: Mon, 01 Aug 2022 20:03:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 27856
cache-control: public, immutable, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A317 0
0 32ms
31ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAuZXFrcFQDOJEr9Rfgp3E-Z4TbGrXA81gSMXl4SEhhGFuxT-oXrWkSY-4aWy4lTP081Uwbj2PBemc7DgyKNbVZz_rQ_zDBnKcBaPmpjjTD_KCugVMSY50y6L6WT3d4IT29ccWLg2M7AHWBlUfBvFI09qnG41hLdCoxV9lvGjrepZqmBWntKxtRuyrDi_Z6-HWCbZu4MaY0M3yK5UFNRiPFidxkwcRJJYvMeAJTM1Ho1YPPZK3o8GZomVFPSNPbjb-2OxBthqwTrXw1V1Tt7p8qCKHpQcJBl_84ouScvKun_fNFHHpX_cv0A&sai=AMfl-YR4yQKRKDBLUg7IiUG_jIAikznEk2bfnvHrXQg4vvuhpedGbKkaqiHnOFYfJiMKcXOpNckQNC_NLel6fQW3bPyhFQ556cPiS953s1wjFf_HJxcfsygEQcpFhkkep0U&sig=Cg0ArKJSzFQ8GEtrTmhxEAE&adurl=

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame A317 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 03:36:55 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame A317 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 03:27:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A317 124 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A317 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmF82E7a9_MHdeDuBLPxWzyumzHOQiv5swEcV6Ase9OxmZU90nU_c3wt26jgIYoCoLXOC0yNbZMzYqMvnEV6lIUJoQyw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H3-29 200 4675182658367486662
tpc.googlesyndication.com/simgad/ Frame A317 48 KB
48 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4675182658367486662

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5de2c5c8a098c0de64bff064bac20a26f3cc0d2ddd6dfcb9a9b28e80875cf3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 22:20:29 GMT
x-content-type-options: nosniff
age: 365248
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49307
x-xss-protection: 0
last-modified: Fri, 09 Jul 2021 21:13:39 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Jul 2022 22:20:29 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390961805259193&ev=Microdata&dl=https%3A%2F%2Fam590theanswer.com%2F&rl=&if=false&ts=1627876077367&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AM%20590%20The%20ANSWER%20%7C%20AM%20590%20The%20ANSWER%20-%20Inland%20Empire%2C%20CA%22%2C%22meta%3Adescription%22%3A%22AM%20590%20The%20ANSWER%20%7C%20AM%20590%20The%20ANSWER%20-%20Inland%20Empire%2C%20CA%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Adescription%22%3A%22AM%20590%20The%20ANSWER%20%7C%20AM%20590%20The%20ANSWER%20-%20Inland%20Empire%2C%20CA%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1627876076799.781255712&it=1627876076665&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: am590theanswer.com
URL: https://am590theanswer.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
DATA 200
OK truncated
/ Frame E440 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e323755b261c65e55b7feb0fb293ef3392df74dfa476626ac441ce5fc887477

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A2F9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b295ad689b737897af4823faf072e1863b8226e277a6273bd07b6191599c60

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8BAB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebb1a2afc718ad7acef5284dfaa5d8622464dc7abe08d3c6e1d018b4104a9e2b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A317 0
0 32ms
31ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEE_bH9NGRHGQYeZguYol_qlUcUcOzvNQlPRrPcFL6PJYth6C3vE21gnqBZMwnyi9BOpShglLUgBGUESmYSI_ZUlAXszSr8_oBzGyBK_S6ql2XTm9mVNmfamxQ7qSBaQKoN4aI_GhMBynbn279aXzViUEHVfc9CE0wK6MCOtPjddkBvobpoIsMI5UCe6ize0VlFbAWPD7chPGW8hrzlrA9uOUFnENYzVkp5eHVXohj8ZNLfz7r3p9FoCaflrZwuhuDiCXsEVf0zSrvdQp3vp0_Rp-FAYGZmHg5qRuVKeFf1xO0R8SWEZ1aDRkf&sai=AMfl-YSiCfnrP-gPcxJ8QzWc2pv-h8tjULm1GX4T42VGpuVz9k1pIOQR1L06dnnled2QyoDsggKnsudL27pjmkQTh0oq1ftJe1cfQ_pucm7vJ-7rUhGf9z8VKIBiZQ8NXLQ&sig=Cg0ArKJSzPUNsU8n9ufqEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
DATA 200
OK truncated
/ Frame A317 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02ac90f08603df4060e414ce4bfc23f7786f8d41516adb7d557ee6585f8b427b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6013 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 12:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 12:00:15 GMT

GET
H2

200

newstalk-dinesh-dsouza-300x600-1-13-2021.jpg
cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/ Frame 6013
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLPSmUjVu2Ye6cubODIYrZhGezazMBO-TtQQJ1-boMocFtaEgOQ6RR7_HLuGgn8rGx5_IhRv4KSVf8hmIgRJ_IhXCT8YuhdffPEhe9M95lT8ByB0NYb77o9M5sfGKwDLSjfxkz2N51-...
https://cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/newstalk-dinesh-dsouza-300x600-1-13-2021.jpg

57 KB
57 KB

477ms
477ms

Image
image/jpeg

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/newstalk-dinesh-dsouza-300x600-1-13-2021.jpg
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 973bc8c298108d00fd129ad90cabe2f6afba41027db58ac6742314ed38334c80

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:58 GMT
content-md5: arXKA/h5MkU0WIy3FMwPYw==
x-ms-meta-uploadedby: Hanlon,John
content-length: 58224
x-ms-lease-status: unlocked
last-modified: Wed, 13 Jan 2021 20:35:05 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B802B5CB32AD
x-hw: 1627876077.dop126.fr8.t,1627876077.cds218.fr8.hn,1627876078.cds016.fr8.pr
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 2608a743-801e-0002-3b51-870a79000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

Redirect headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/newstalk-dinesh-dsouza-300x600-1-13-2021.jpg
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6013 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AEA4 22 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 12:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 12:00:15 GMT

GET
H2

200

newstalk-dinesh-dsouza-300x300-1-13-2021.jpg
cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/ Frame AEA4
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7OgJSV6-S0PmQ9vN6v3oUepzfQeghQXy_3V5D_1oR3eZ_W7psdn3_lDbjjgUaKQcUHgRbICBCrOV-0LfZVPtF0Iv4P4VtPZfwgDFlhiNg7M4ahyiFk-GrW5jc0Nkqc3UyMZCuV09yk...
https://cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/newstalk-dinesh-dsouza-300x300-1-13-2021.jpg

36 KB
36 KB

28ms
27ms

Image
image/jpeg

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/newstalk-dinesh-dsouza-300x300-1-13-2021.jpg
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: da6ab29a323c79118fe78d0541b02c34f8319def2540106bc3cef644a6f2adf7

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 Aug 2021 03:47:57 GMT
content-md5: c/wm3bByFnsiYB9LlZatHA==
x-ms-meta-uploadedby: Hanlon,John
content-length: 36441
x-ms-lease-status: unlocked
last-modified: Wed, 13 Jan 2021 20:35:05 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B802B5DB8A53
x-hw: 1627876077.dop126.fr8.t,1627876077.cds218.fr8.hn,1627876077.cds258.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: d6380c03-a01e-003c-3f05-83bc58000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

Redirect headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdn.saleminteractivemedia.com/199/media/podcasts/dinesh-dsouza-podcast/newstalk-dinesh-dsouza-300x300-1-13-2021.jpg
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEA4 124 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A2F9 0
0 31ms
31ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst84CZGAdVSo0Hd6UXUr8TP2lRB89UlsTzLzkVXyQ5tacf7tQwy65T5CxEMHz-bXUo7Bo0P0cnXMiuiTfvYklQaqIS-RqmO2ImPSzuL6D9mHTMfBvm-ri3q9Rsy1VRYz5sMl3PiVIraZIyVdU60NXZkoVq-ySplu58YOVM1WiNaVizxwZIdNLUAsoJZDi4bS_piNbrF5rUdmV5lawnOrXgEqmBTfaCAwH5CUUYYiYzGQjWV16UHePFTb7W5UvAZxMZDyAzHbVUUJjOkW-CU9Swc-dq88Bydtz8VRSsh_XXTmGzqRURRX8cXl42w&sai=AMfl-YTPi0K9a9RvayjWpYu39VOHSII-EHx5MLqVQ7q3LrHYKc8HZ4A0vJQIjAHsx56JMOfOg2ck9RpfZVxVxtUF7bhR4yCpgJ9DDBghkHNPfqynTVwp46IHyRpENVhswyc&sig=Cg0ArKJSzFzI8DM_ti90EAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E440 0
0 32ms
31ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCuqaqCUwMDebvlVrqHLnFrVcZvjvI0gNqnqg_WUsSgnTjflmv6G4bDrUxr1-NZFXwZgzxn8jNGP7W13NkTWapI48wbttTsxgtMDk89Ab9XqLzbPkgiV05AzaRXr_xsecvsX59FoO2NgjZyUj_nBv0OGiNh_m_94adwNukNx6C52RT7HvvHIuFPtNdIgxs-14SdUBpmru5yjbNOcgrNdZ5_SWx-o3R3eamlJuQOx1ivLXvajzKuk2yLVaxoDDUV4uyrbpiRu11McyYaXVjNY-5VLU9x2xFquDgphKnYMw4CfwVpyIee56K_Vcu&sai=AMfl-YQBcNW0Ryhpag2rmD_-Tz6ONeQ80Mj92GV1mQxk8WsxUKiX2eyg_eSymKq_kqRVLFYRUV5CPmzwjcPlj5clCW0K3SNTysfuQ_lQezTL2ZRkO8iYOswqlewtIJE_B_I&sig=Cg0ArKJSzHGNU7gz4sH-EAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8BAB 0
0 31ms
31ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLPkEKjGKsoEfPG2x8J7p5OPzmFPwK7bcvmGrzVbiR8C0vpu4YQJritvc4HqYvEsSP-qwsvv7FW1l55Pg2Y-IVMwblAruOLdqtEPYOgNjiXtkixttcyc_Yg1HjdZGXYAvh1_SIpm0wX-VjvkUEQWwEDMVLy_NlHH812WepFEdt5JkVbOjJvI6dLp6wnNBJpNum1LJK04TkCLDC62hB7p0tUc7BoXMmz0LLMm19uDwMrnKrInow2SbeB5Sf5Y5lWWPJmBEPtktfZjZhMfYK6vvNJ7Knd86_dV5eCG1MlB0irIBAk60IK2kn&sai=AMfl-YS3LKyTlFQH_ROTHep3ijoCwUrTQiAVEeZpx33HbmI4ur2kAVKtmgFfefSt01p9jXcjysFg78NoF0Hfrh53JDJwltQstw_rSGH7-6cC5OWNBm_SnJk1V98Efd5eHtw&sig=Cg0ArKJSzBcS-orL4QM7EAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6013 0
0 32ms
31ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLPSmUjVu2Ye6cubODIYrZhGezazMBO-TtQQJ1-boMocFtaEgOQ6RR7_HLuGgn8rGx5_IhRv4KSVf8hmIgRJ_IhXCT8YuhdffPEhe9M95lT8ByB0NYb77o9M5sfGKwDLSjfxkz2N51-BWWTQpdxvzVFNf4CtC7X6BD39_hOJcF-alJ2O4mct_l06UJqjqwpt1473pSp-jmrCE8JXEJiIzyfybJtdC9pjjAm83EJFmW4IkmHLTx5khJIOJhm21T_EQBwY7dx7nhb-oqAmp0Gy5B2nKCApvAfwwhZkGMwMGuX2zUG1joueVGHw&sai=AMfl-YSmr9mDuPZxd4FdAs2ut67ulQx9n9qI0bYQwQjYbPb8Fvql3BgcfG2gHBh0ICLOs4eYHOPS3IrOD0tzbZdrxiCdu_y4ha1Z5GmddJ9XBBdcV8dPd6H8q6WjYg89nD4&sig=Cg0ArKJSzIlECyKCTx8BEAE&urlfix=1&adurl=

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 6013 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4425c8c3eda142e6f91f8dcf5fd7dcdc600e9a2033b0c862266cedac1eef3afd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame AEA4 0
0 32ms
32ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7OgJSV6-S0PmQ9vN6v3oUepzfQeghQXy_3V5D_1oR3eZ_W7psdn3_lDbjjgUaKQcUHgRbICBCrOV-0LfZVPtF0Iv4P4VtPZfwgDFlhiNg7M4ahyiFk-GrW5jc0Nkqc3UyMZCuV09yk6u2GtNeYH3pNa5ojiPh2TdQ0OBUHwprYk4g_eTB1Pqb03zZYM54HjCCiHMdVWsr8YRI35gomLvgfcWR45etYr__vn-jFaSfAjFERowPHSOp9EjIDSImLEpHe5h7eiS6HwNsYWWBwVTJ3h9PHwxdfSGdFvDRuBMAZItNeXr7zGcWNw&sai=AMfl-YQrJkrhfyhgUQS6gUNW3sC__Ssv5SKr4oemxcmaJfZUJ6URlkbCA9RxTGUz0poXAp-auIlH_NQ5W-UWbXCGhjs6-jLK6FbCegvVa1BJV3kXXpHyz_S-yfJt58Vlx7I&sig=Cg0ArKJSzMyzxdPGauPUEAE&urlfix=1&adurl=

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame AEA4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26d1d30f5d1eb7bb68f8357cb050fecb6b9d6486031bf67e6a7b4df74fcb3c4d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame AEA4 0
0 30ms
30ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszPo-k1xrTglVOSX0GpnP136xTrhoG1zN813QPA6qO1HHguCF12ZXRuVv-3BL0lfmyqBeRdpZ_M2XEMWban9Bfrpb8g29ud19k1xMMCCOgTWAxPqpcwiRmfnGzmliug8XF2yPs8D59S2z98fZhlwUQyxtCE2-qAsra8eK8tCb_1-lgkQoyo3vRdPOGUpKNATisQhYIniXwNTyBzKHy-XX1iLhGrNwOaOv0shd8FtxKG7qMrJpxpsqp8WVV8CtdL_m8zxTEO9rvbBzFNaF0fo7QPOjSf3ujNPCzYk-_4NRxMFmJlS5A21nFcpUD&sai=AMfl-YRc0c-fe2NouUSCPCuuq9x21Lg2Q5ncHtopbn0QOzWmNbf9pdeMcY2PV86WZuf0CgnQiD5OW7mBVSlpEy61wf8nZIL2bGAbzsTDhnm8pLILr9smQeh6LnKzkNDFUCw&sig=Cg0ArKJSzIR-lupcth4PEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 Aug 2021 03:47:57 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6013 0
0 31ms
31ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTYYdhzAEFKgdl4AN144bNFQjmHO_gxjqCBsDeF2FzwlwUpjmv1JO6O9RJH-pgpp4hKylK39mb2it506tKCciRfZ7e0btXUkQuWG0OE0JYoNvaTE6jZrwijSyxxsvG5JIEQOuWol78K8W__7EuGR_3nBDFQcFZ7scpMGnjTgQRDCzEZqL1YCykWu3JODjbBKqkrAlbkwLxlRT81gMPHmQsl3vQKOxRrhOm32ZwZAaF4kk0qNkObyG9pASSwXMU_o5fTOoH62eV28uVbejCmAxJI5-iTmqRMM1fKDJvwWAEf-A2mYKb0h-Fd0NI&sai=AMfl-YT3Wr8_ZG4LvCIHBGU8jjPjPMzOTcd7d-GFMyGu-l3qRtnOjl655r_3bHmNnbZEzVYL3wXvFyyDbQXbE8lh37FIiLWeN08ovngHpL89cODkq8pnMO4vHQ4vdxuOawg&sig=Cg0ArKJSzFaq0X7XNMAsEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 Aug 2021 03:47:58 GMT

GET
H2 200 p Show response
i.simpli.fi/ 757 B
1 KB 34ms
33ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=150871&cb=sifi_att_1078075446030239._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/a2fee930-b8b0-0136-d8da-06a9ed4ca31b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

f36afdf98f0ded95956fd165105899803d42c2bb316a934bdfbfafd96442ca55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

/
www.facebook.com/login/ Frame B182
Redirect Chain

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

105ms
104ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df157a6756386ef8%2526domain%253Dam590theanswer.com%2526origin%253Dhttps%25253A%25252F%25252Fam590theanswer.com%25252Ff19e84500a48ad%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fktie590am%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6708dc7a994413dac59a1773eb2a11ba

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df157a6756386ef8%2526domain%253Dam590theanswer.com%2526origin%253Dhttps%25253A%25252F%25252Fam590theanswer.com%25252Ff19e84500a48ad%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fktie590am%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 7y6oV60Se2n+HEv8ubJO0bQCe7uvKKnLOReVs5JqK4iQ2qVmvRCKcQiVVIhjbpm+/ahEiny94+5F3aClDXbr5g==
date: Mon, 02 Aug 2021 03:47:58 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df157a6756386ef8%2526domain%253Dam590theanswer.com%2526origin%253Dhttps%25253A%25252F%25252Fam590theanswer.com%25252Ff19e84500a48ad%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fktie590am%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v3.3
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: zIJW/b+TxP+6uL2bQY6OKBO3VWhGTT+McZDEeN6WwLXSPddptsyb6q132PEEu3ZmfHR0yDMGRLPqovcmXFZGjA==
content-length: 0
date: Mon, 02 Aug 2021 03:47:58 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc444d800ebcfff9b2de7c5901996fcdeeaba7ab4eea119aefebd4f7f8e7e877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 03:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8425
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 02 Aug 2021 03:47:58 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=9EB82C6CD2D7443C859622419ED6F19C

43 B
183 B

285ms
94ms

Image
image/gif

2600:1f18:612b:4232:5c22:542e:b1d3:5f9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=9EB82C6CD2D7443C859622419ED6F19C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:5c22:542e:b1d3:5f9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:58 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=9EB82C6CD2D7443C859622419ED6F19C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 01 Aug 2021 03:47:58 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=9EB82C6CD2D7443C859622419ED6F19C
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9EB82C6CD2D7443C859622419ED6F19C

95 B
425 B

27ms
27ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9EB82C6CD2D7443C859622419ED6F19C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:58 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9EB82C6CD2D7443C859622419ED6F19C
date: Mon, 02 Aug 2021 03:47:58 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=9EB82C6CD2D7443C859622419ED6F19C
https://d.agkn.com/pixel/10751/?che=1627876078&ip=37.120.137.5&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164890203866000018908
https://um.simpli.fi/aa_px?sk=164890203866000018908

43 B
409 B

32ms
32ms

Image
image/gif

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164890203866000018908

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 01 Aug 2021 03:47:58 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 03:47:57 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164890203866000018908
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 106ms
32ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 01 Aug 2021 03:47:58 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9EB82C6CD2D7443C859622419ED6F19C

0
0

47ms
14ms

Image
text/html

13.224.96.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9EB82C6CD2D7443C859622419ED6F19C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-41.zrh50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Redirect headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9EB82C6CD2D7443C859622419ED6F19C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 01 Aug 2021 03:47:58 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 106ms
33ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 01 Aug 2021 03:47:58 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 33ms
32ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 01 Aug 2021 03:47:58 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=9EB82C6CD2D7443C859622419ED6F19C;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=9EB82C6CD2D7443C859622419ED6F19C;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=8159760360780221387

0
0

14ms
14ms

Image
text/html

13.224.96.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=8159760360780221387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-41.zrh50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:57 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=8159760360780221387
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=9EB82C6CD2D7443C859622419ED6F19C&j=0

0
324 B

139ms
45ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=9EB82C6CD2D7443C859622419ED6F19C&j=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: nginx
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=9EB82C6CD2D7443C859622419ED6F19C&j=0
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 01 Aug 2021 03:47:58 GMT

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 34ms
33ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 01 Aug 2021 03:47:58 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=9EB82C6CD2D7443C859622419ED6F19C

0
421 B

449ms
110ms

Image
text/plain

3.223.82.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=9EB82C6CD2D7443C859622419ED6F19C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.82.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-82-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 02 Aug 2021 03:47:58 GMT

Redirect headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=9EB82C6CD2D7443C859622419ED6F19C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 01 Aug 2021 03:47:58 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=9EB82C6CD2D7443C859622419ED6F19C

62 B
603 B

201ms
160ms

Image
image/gif

23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=9EB82C6CD2D7443C859622419ED6F19C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Mon, 02 Aug 2021 03:47:58 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=9EB82C6CD2D7443C859622419ED6F19C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 01 Aug 2021 03:47:58 GMT

GET
H2

200

tpid=9EB82C6CD2D7443C859622419ED6F19C
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=9EB82C6CD2D7443C859622419ED6F19C
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9EB82C6CD2D7443C859622419ED6F19C

49 B
735 B

55ms
55ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9EB82C6CD2D7443C859622419ED6F19C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:58 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.106
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:58 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9EB82C6CD2D7443C859622419ED6F19C
cache-control: no-cache
x-server: 10.45.8.200
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=9EB82C6CD2D7443C859622419ED6F19C
https://ce.lijit.com/merge?pid=2&3pid=9EB82C6CD2D7443C859622419ED6F19C&dnr=1

0
433 B

42ms
42ms

Image
text/plain

216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=9EB82C6CD2D7443C859622419ED6F19C&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 03:47:58 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 03:47:58 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=9EB82C6CD2D7443C859622419ED6F19C&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=9EB82C6CD2D7443C859622419ED6F19C

0
66 B

74ms
28ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=9EB82C6CD2D7443C859622419ED6F19C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:58 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=9EB82C6CD2D7443C859622419ED6F19C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 01 Aug 2021 03:47:58 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1627876078078&cv=7&fst=1627876078078&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=201855669&cv=7&fst=1627876078078&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=201855669&cv=7&fst=1627876078078&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=201855669&cv=7&fst=1627876078078&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
64 B

28ms
27ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=201855669&cv=7&fst=1627876078078&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7moHYfOeB8WS3gO_6YTwDg&cid=CAQSKQCNIrLMFGgpZpcPV4OkUzWcqPtGeaM8zxfyQ3V3UDD8Fhpf0jKp3B6E&random=2999366536&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=201855669&cv=7&fst=1627876078078&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7moHYfOeB8WS3gO_6YTwDg&cid=CAQSKQCNIrLMFGgpZpcPV4OkUzWcqPtGeaM8zxfyQ3V3UDD8Fhpf0jKp3B6E&random=2999366536&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=9EB82C6CD2D7443C859622419ED6F19C
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=9EB82C6CD2D7443C859622419ED6F19C&__user_check__=1&sync_id=6d638332-f344-11eb-872a-16821cb20406

43 B
548 B

28ms
28ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=9EB82C6CD2D7443C859622419ED6F19C&__user_check__=1&sync_id=6d638332-f344-11eb-872a-16821cb20406
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Mon, 02 Aug 2021 03:47:58 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 48
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 02 Aug 2021 03:47:58 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=9EB82C6CD2D7443C859622419ED6F19C&__user_check__=1&sync_id=6d638332-f344-11eb-872a-16821cb20406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 60
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=9EB82C6CD2D7443C859622419ED6F19C
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9EB82C6CD2D7443C859622419ED6F19C

43 B
1 KB

64ms
63ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9EB82C6CD2D7443C859622419ED6F19C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 03:47:58 GMT
X-Proxy-Origin: 37.120.137.5; 37.120.137.5; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 328a72d0-559d-4f4d-abcf-fd6d4137b03f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 03:47:58 GMT
X-Proxy-Origin: 37.120.137.5; 37.120.137.5; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a10cbed6-5acd-4831-9b27-f23a64b2311b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9EB82C6CD2D7443C859622419ED6F19C
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9EB82C6CD2D7443C859622419ED6F19C&expires=365

42 B
773 B

111ms
29ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9EB82C6CD2D7443C859622419ED6F19C&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9EB82C6CD2D7443C859622419ED6F19C&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 01 Aug 2021 03:47:58 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=9EB82C6CD2D7443C859622419ED6F19C
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=9EB82C6CD2D7443C859622419ED6F19C

43 B
180 B

30ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=9EB82C6CD2D7443C859622419ED6F19C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:58 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=9EB82C6CD2D7443C859622419ED6F19C
date: Mon, 02 Aug 2021 03:47:58 GMT
via: 1.1 google
server: OXGW/16.211.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEEfNy0mZKuPv8Y8hT8eQcYY&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9EB82C6CD2D7443C859622419ED6F19C
https://um.simpli.fi/g_match?id=

0
320 B

32ms
32ms

Image
text/plain

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 01 Aug 2021 03:47:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 61C3 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://am590theanswer.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 02 Aug 2021 02:05:39 GMT
expires: Tue, 02 Aug 2022 02:05:39 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F048 783 B
533 B 16ms
15ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2701b5aa89f1e935855568368409a8996af6e980570e3408e0a4a1cccf1818c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ySbCH3QYajWVjv8r55IL3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am590theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://am590theanswer.com/

Response headers

expires: Mon, 02 Aug 2021 03:47:58 GMT
date: Mon, 02 Aug 2021 03:47:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ySbCH3QYajWVjv8r55IL3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 61C3 35 KB
13 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 15:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 15:39:39 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072801&jk=3712737032670147&bg=!-fql-r7NAAals0SOpbM7ACkAdvg8WquA2uaBdi91jVcRmgCm-zor_YxQgrI4_0dHdE5Aq13t4loCJAIAAABmUgAAAA1oAQcKAPL3ymxlKTkorzFBUhtzEGzFq8c_nnUOhWAkazEH5FORa_Ehyq8xMooEUkp0kaDFKd_i8gsP4UJ6Tyi8GN62i6JX-yQfh8AxZZnvF-V9tw3Mrq0_JxCTzTVCGeyhrUzo8_chXCid8StBBkzR6yKlEoFtVSq-ChUL5iMfDFpYGSaOad8nqwSQ2lCPtC4Yiul2G--0BZ_0tgf-my54qZz2FGnEpqhCE9JvA7IqvTEucvlsgC6GjlFY2fBw6SZE7dOuy7rr9OjAh3c34eKQIEGRM_QvUMIrcS1bUhkRvaFzJw2e2NuK0pIjO-u-NVUpVUh94zNoCJkCf691ISX9wfkvqc0PagIQs4d2o-12TG6RUKz92dzBzJKVcUF0jJrjoMpfOSF4zDf4WbwIhvD8eS162YjrqxYV-Bl8khRC1px-BHO9oBm9egcFsuIX4P_atkj_PrWfBpyz_VzB5-Dfmw9YyJICReE_yLzdTatwg___S1_V060YkVPR97oDKhv_L0t2AuySqhmlJJlJT-XS9h_Cs9bzT1NVaFNlPOZBKzlTPcej9wuQW4dzEL1FlhUWalGtHUlFhgwRj0LOt_jOnwHwDxOniJTaS8VNnZtdNcTbo0hoM8U6QiMZ5Y0GIfwQtDLpQ7CbT_LUpCh5AopMb419nvaYsDNFXS4vGBPtX93ULsF-MPCfTb5JaL_tH8lwGLSqdnsnd6V0uT7nze1vsisEXOfxjdzq8Qj0pR77vd2h-ixhre_Zp_YZntydkim9QOw0qzZUzNnsxNCXi3elCgCdHbTmzqFm5rXljWTrGsxSkoWxr-Df7nY0od3o-x5betEtdhYB-ZkxrBHdoIcn9tX7IQL-WaUT9G8P87HQm10XbBO1ot1Fp4DmLJvm29Wmna3gbR1HDUrQnRRcjcGtML-UGcO6_X7pdS5ZL1HP3imJXhmezgdM9do1O5Yw_Ye1EU1PnCVjG3_5yyFwnAMEmapg0NYRDGbdDwKiBez52VrXfQKFNSLNd59J20NMXmtlYbeT8HbnJ9feSOSFcWJ7SWWpM-9RfJ-6FkHwPEubhBkHWggVmv9HTIdj6GcHJyuBN7bFitUw0jp30RQvF7TxvdD8Vvbvb_GyegKvM25pz0T27KM9Df2ltnUwTYnkbzxMWJp8ZP9bWpr-P4c3oexjMu5MSvfEAAdaKQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E440 42 B
64 B 30ms
16ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLUv3p0Y8LthQEQaxogYbzOdsD7bm6ToqtnX7bM39A9Ig9XFX-SnyHbHE0cB0uQ9z1IlSYd4tuu9gd80nwA-jEivlFbqrC0mTSs5u6q5GtObkHHblN&sig=Cg0ArKJSzChnqB60oD1vEAE&id=lidar2&mcvt=1000&p=874,200,1024,1400&asp=874,200,1024,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210730&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1204348378&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627876077304&rpt=253&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8BAB 42 B
64 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstz6YSu9BD5ojipM4pmE834765ZTlniWfxFiqg52Z8Cm-xEI8456Id9RkzABXYGBXSK111CaPmkIpgZ2fRK7rhQpWoEJskBfnxBwGkYTJ_bgLJovJBT&sig=Cg0ArKJSzG4XLP3KNCm3EAE&id=lidar2&mcvt=1000&p=384,200,534,1400&asp=384,200,534,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210730&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1204348377&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627876077313&rpt=259&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am590theanswer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 03:47:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.am590theanswer.com/	1970-01-20 05:32:52	Name: __gads Value: ID=6ca2ef85d26f55b3-22e8492093c800b8:T=1627876076:S=ALNI_MZ6LxXuhtFkT6lzcVBTTklFCn_V6A
.am590theanswer.com/	1970-01-19 22:20:52	Name: _fbp Value: fb.1.1627876076799.781255712
am590theanswer.com/	1969-12-31 23:59:59	Name: ntvSession Value: {}
.am590theanswer.com/	1970-01-19 20:11:16	Name: _gat_NewsTalkTracker Value: 1
am590theanswer.com/	1970-01-20 04:56:52	Name: _ntv_uid Value: c897f70c-af31-4bc3-83df-33939b4d95f8
.am590theanswer.com/	1970-01-19 20:11:16	Name: _gat Value: 1
.am590theanswer.com/	1970-01-20 13:42:28	Name: _ga Value: GA1.2.1263304296.1627876076
.am590theanswer.com/	1970-01-19 20:12:42	Name: _gid Value: GA1.2.749469315.1627876076
.am590theanswer.com/	1970-01-19 20:11:16	Name: _gat_AllStationsTracker Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://salemlivechat.com/scripts/invitation.ashx?company=ktieam(Line 1) Message: Exceptional Case: No Cookie, No Web Storage Supported/Enabled on Browser!!!!
console-api	warning	URL: https://salemlivechat.com/scripts/invitation.ashx?company=ktieam(Line 4) Message: Invalid company specified.
console-api	log	URL: https://content.cdn.targetspot.com/content/act/beacon/_ts2.js(Line 3) Message: Targetspot Cookie loaded
console-api	warning	URL: https://campaign.aptivada.com/widget.js(Line 286) Message: Promotion # No App has schedule status of "unscheduled", and will not be shown, as per Aptivada widget settings.
console-api	warning	URL: https://campaign.aptivada.com/widget.js(Line 286) Message: Promotion # No App has schedule status of "unscheduled", and will not be shown, as per Aptivada widget settings.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: .sim-cms.net http://sdk.listenlive.co http://.streamtheworld.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com; media-src 'self' blob: data: https: http://.streamtheworld.com; worker-src blob: .sim-cms.net 'self'; font-src data: https://* 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

191c58df206ff722dcc1857f628bfe18.safeframe.googlesyndication.com
590ktie.com
aa.agkn.com
adservice.google.ch
adservice.google.com
am590theanswer.com
aptivada.com
bcp.crwdcntrl.net
campaign.aptivada.com
cdn.jsdelivr.net
cdn.saleminteractivemedia.com
cdn2.aptivada.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
content.cdn.targetspot.com
content.swncdn.com
d.agkn.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hotair.com
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
jadserve.postrelease.com
loadm.exelator.com
maxcdn.bootstrapcdn.com
media.townhall.com
node.targetspot.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
s-jsonp.moatads.com
s.ntv.io
salemlivechat.com
securepubads.g.doubleclick.net
simorigin.blob.core.windows.net
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
www.am590theanswer.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
13.224.96.41
142.250.184.194
142.250.186.162
142.250.186.34
143.204.98.113
143.204.98.69
169.50.137.179
169.50.137.190
18.194.175.178
18.209.200.15
185.94.180.126
2.18.234.163
2.18.235.40
205.185.216.10
205.185.216.42
216.52.2.39
23.45.99.241
2600:1901:0:8eee::
2600:1f18:612b:4232:5c22:542e:b1d3:5f9
2606:4700:20::681a:1e4
2606:4700:20::681a:20a
2606:4700:20::681a:e4
2606:4700:3033::6815:a19
2606:4700::6812:1c31
2606:4700::6812:acf
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9b
2a00:1450:400c:c07::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
2a0b:4d07:102::1
3.223.82.72
3.8.243.222
31.12.71.114
34.98.64.218
35.227.248.159
35.244.174.68
37.252.172.36
52.208.103.128
52.239.154.36
52.89.90.136
54.78.254.47
69.173.144.138
02ac90f08603df4060e414ce4bfc23f7786f8d41516adb7d557ee6585f8b427b
0914c4ff7243f4332fafb861264a3608f1c17b7787ec1540447d2759f9494276
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c2366804414e0dae17fd21077a8f21ea3816a88c305a3e0dc6766fae97af063
0e93d021d6a86ed31a49fbb62586483cc41426405a1de4a2ff12f7397632c108
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
163ad32a13401b1f5387b23c7d749fccac8da49e9914584fe3aca42884532c09
1a8b7c501bafe94b927626c703a5657adc1037463d95a11b761ca6a5d3233f76
21fabf883e3b8289c90db311afca20677db221cdc7ee50bf75c7c1e001ba6a89
22fe33cf967af3167d0368ec7f178e7ac33ee94e0520b642fa54c92f0ff4baba
26d1d30f5d1eb7bb68f8357cb050fecb6b9d6486031bf67e6a7b4df74fcb3c4d
2701b5aa89f1e935855568368409a8996af6e980570e3408e0a4a1cccf1818c6
27b65ea8c6cceebb6e32225e0dacd973a6358953d5c3b55841a685eb0a12d055
29658e011350f297e3c3fd2622df6d294d51f9250dfaf91f2f55bb758f0b0af6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e323755b261c65e55b7feb0fb293ef3392df74dfa476626ac441ce5fc887477
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7fcbbcf38797877a8f0c9c7dcf7b8fee05357080d4409c26eb299fa2cec46b
38541b7231a54844b494f355965a53abe80eb0c6146d398a9b3e28ecf349a7f3
3a3201ac7f0c7e8f785a792f7365b256cebfa00c671157732b34d27981e44605
3a6578d074635f4695440048f1e00c8dbe61e0f6509517ac1e4b64b414906c68
3c62bfc7ff90c599f2bcf888ffdaf730b121537253bd6768972dfd1e008ba819
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
42e93bc7503e47faa14f97adbff3ede04558868609a47681c3820df61e213e7e
4425c8c3eda142e6f91f8dcf5fd7dcdc600e9a2033b0c862266cedac1eef3afd
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
46d7396d794b034396dfb07428ccb8fa9243206f0d417875d7f85ca11c5e8f2f
4b3c8fc7aa697d868700f8f06c5b7ea853d2ce17f4b472a74bb00dd775b12873
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50b295ad689b737897af4823faf072e1863b8226e277a6273bd07b6191599c60
524e34fa90333253ca63c62d3099f493aa95088dae80f1e74e6d0be4beba8ffb
5594851d9deccf1c4fd1f877582c290165acfd718725172aac1fd30d6f987379
5661fb22a65ae1c4a18a8520255e5c79610a9f819ffed67440eed9849a8144cf
5ae6004ffd3447dbd1c28ca9fdfb81b38f7866cff33fbc373e608b3d07420586
5b3504e045223cbe5c46cb47f8ba6a1e58a4e6b94de84703fef6b0721c983a25
5b962df63d5297c565df3aecdd94ad3c727a84cdc53fe58b1727a7fec33e47b5
5d0b866d1a4293f0bc5e91c15ce8cabf047572c970dc7f9f9781132a8a51cad5
5de2c5c8a098c0de64bff064bac20a26f3cc0d2ddd6dfcb9a9b28e80875cf3c1
6103116ae35b8f6db6ca44c7d5b0ec491e7f117d05cc1d416197225a733d52d3
640ac81d7183170a72406a72a71eeedcff7ae103acb6cc6563506cc56d39abdd
6568273e9d257a19332421d7a519b3ae0f8a564e76aca9f603e848521f341db7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d34b7c87a0fb79708d3f672f48dd9e2dd8c5d7244927c30e14fed0d117b7fa5
713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a
788f67804a96ae5ff4f40ebdeb1f4311c3e24956f99b8d740db566b97c32c990
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8
7b7b4ee1e773ba149fdc016727a2405b013b3c216aa995851ac099bded801046
7cceb2a303b8eb788e9ea5da76de6c7807897cc31fa7360b278d4d2c71885fd4
7f992fe95c9e5b419c509f7907df190b72a930f67f37cd2e0dedd8236a6708ee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87e33fae22ea5f6910393a04162c22ec211dd94549c06bd2bf5ca9a0d4c9e308
88ef30cb6c7c78b00155382ddd1a0d2dd5523288e32dfae320c45a883bd1e386
8a2083041b023312542c5a1db8b8623278ab070daa2692e5545b27f839391c6b
8e6a2d1bd8e2d064c2a4fda6cf9b91368d53448a8db00ec8f336419ce40dc1fb
973bc8c298108d00fd129ad90cabe2f6afba41027db58ac6742314ed38334c80
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99
a31389ea333c78114749b9901e26fbe26e110c54d27b25bbfa2e8bc2dad1673f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6727d298b60af4a31f4cd9cc7e7be6bb67b28f6eb1dad02761d80c3f16e3409
a68bb88cb8ab82781248447ef4bcebf56473589faf539348d35298b9e3d2727a
a70de6f7df22a25af4454d6d4add49c946e6200ce6bf9749821c4bbe1158c115
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa71ef0f9c26f776c1d894465ae75475d82defbce97394fdbb11dd0bbc6356a
affdde6785713b86ba70723b1d8f1d88b75efee1390ace9d93a4fc1be8c1a66c
b23f3d19d034c723e90de6b65e1ae3964ca522d6335997a8d12b16673f9b87c3
b5a1c8b0ac1fd44b0b494bd51cbf0d303410e4ae2d7827b1059d9013e673dc7b
b6c60b4cbfd369dc4f2171f61364679e512a012e0b9923b676ee05ee80a3072e
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7bd13a245729dab7cc7ace97ba3c607cb93da725ed88220e7aaf4872a3361f8
b8b3e2cbf40fb53ba6741572752df6d6c2a68f790e8f1789073bcfeb9abdc0c7
b98761142d68227621ff6da74e96a4e155d578e4cb98316fac267602eabc426f
bc444d800ebcfff9b2de7c5901996fcdeeaba7ab4eea119aefebd4f7f8e7e877
bee03ff2d8109861f8ef2a448b8c841538e03d83cd52a1cf9129d2f4d2f676e7
c1bc608f39e05ce4c24b3d10f2a9e4cde8b8ed6c96ea700ad03a6f79a971ef50
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c5985fe8e7ef7006e1cb3aad901bf7e63b883127934e8a5cd29fa4c6d126c2ef
c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4
c96ae8acfabb6704848c4c6c5cd099bfc8a407531e8fb27c91824a0e192d685b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd6e4f2af27d27f6508255235794f280f5eec667e88d78b7928dc35ca61c41a6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1bcd853240223d473ee232668b6c16924d2a7910f62f796cd2c03bb3879aa07
d31d6b4a3a1766ba797d54f1750b8f4cf4eb2597df8bd4a698d938915335d087
d4ace7eeb3cac9975d9805d2f953c9fb3379b8eaab5b1aca14f7a503b82da881
d938c439822d73f57bc1244faf8735dbd80feddd14b266ba613187b78015ce7d
d9e0262b37f92f5d8e1de10a72b3104be5c753e35e4e35d0febc543864d0b0a4
da6ab29a323c79118fe78d0541b02c34f8319def2540106bc3cef644a6f2adf7
dafbac9b4d63f4a36178152b1acbf141e7591f73021454b79168572ec4fb3f8d
dea5f0f3aa6c54bd937e9707972ec0534d5c5703d8cd3e3fd2809b571307f44e
e192e9bb0ba15bae8d7be37f723cdcee07798ba5557220717f41e3e74e9d8831
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e1f249cee33aff42da2e5f6604dc634201055f121a795c3d5d3ef292de7a2081
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8131429fa1cca4e679a6792f1b8168da3493fe8daa272baba01f54dacbfb2df
e91e97f32c3d1deb87a6673c372437d179c6c8256ebcbc4db8722e6abdef52d8
ea7376f6e8106b5f4212eff47785be3062baeb6dfef754f4602dc61f802f3b9f
ebb1a2afc718ad7acef5284dfaa5d8622464dc7abe08d3c6e1d018b4104a9e2b
ee8a661bb09779fdb6d381d2f2f31e436d510e3de1f6ceefbc440ceda2b658b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2deec38d725198ee9c7eb5dec721c4192d2484a15d6ea2985c1a8c2adb12510
f36afdf98f0ded95956fd165105899803d42c2bb316a934bdfbfafd96442ca55
f3d2b1b1eceb88b8666cb9805ef52fed8218adb3b9b228a249846986c7389946
f6a0a87508d1c60c67f377571cccce10d21192e5998cbacf6d7579504e1463cd
f99976fe688459a652c025777e49a8ef4a6243cc00f520410aa6e8283c4ccac8

am590theanswer.com Open in urlscan Pro 2606:4700:20::681a:e4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

169 Requests

100 %HTTPS

52 %IPv6

44 Domains

58 Subdomains

54 IPs

6 Countries

4167 kBTransfer

6606 kBSize

9 Cookies

17 Outgoing links

Page URL History

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

am590theanswer.com Open in urlscan Pro
2606:4700:20::681a:e4 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

100 %
HTTPS

52 %
IPv6

44
Domains

58
Subdomains

54
IPs

6
Countries

4167 kB
Transfer

6606 kB
Size

9
Cookies

169 HTTP transactions
6 data transactions